Hi Brett
brettcarroll wrote:
Do I need to enable a Web Agent plugin in WebAgent.conf?
Yes.
You've done the hard work, which is getting apache to have prompt the user for the certificate, Once you enable the webagent it will process the GET request for the .scc resource.
How it works is that Siteminder does not do anything particularly clever, it just captures the CERT and DN from what was passed into apache, and then the agent passes those back to the policy server. The policy server then has the rules to extract the user name from the cert.
Older versions of SPS did not work with CERT Auth schemes, but recent ones do.
So, enabling the agent should be all you should need to do now - but do that and lets see :-)
Cheers - Mark