-
|
I use api to activate worker error: “ Admin not authorized to resource. Client certificate authentication required. ” Could you please tell me the reason for this? required url: https://sign.vteamcloud.com/signserver/rest/v1/workers/reload request header: X-Keyfactor-Requested-With:admin I don't know what to fill in for the value of X-Keyfactor-Requested-With, so just fill in an admin |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 3 replies
-
|
That error message means that the REST operation requires admin privileges. The X-Keyfactor-Requested-With header is required as a measure to prevent XSRF: https://en.wikipedia.org/wiki/Cross-site_request_forgery As long as the header is set, any value will be OK. |
Beta Was this translation helpful? Give feedback.
-
|
Thanks, the issue was resolved after the certificate information was added to send the request |
Beta Was this translation helpful? Give feedback.
-
|
@laimujun would you kindly let me know of the data you passed? |
Beta Was this translation helpful? Give feedback.
-
|
@laimujun You need to make sure the request you are sending are using client certificate authentication, i.e. you need to configure the application you are using with access to your private key and certificate. |
Beta Was this translation helpful? Give feedback.
That error message means that the REST operation requires admin privileges.
So, in this case it would require a client-certificate that is configured in SignServer as an authorized admin (or, if "Allow any" option is set, any client-certificate issued by the same CA as the server TLS certificate would be consider an administrator).
The X-Keyfactor-Requested-With header is required as a measure to prevent XSRF: https://en.wikipedia.org/wiki/Cross-site_request_forgery
As long as the header is set, any value will be OK.