Enable or disable client certificate authentication for XP service roles

Abstract

Introduction to enabling or disabling client certificate authentication for roles accessing Sitecore XP Services roles.

Applies to

All XP service roles

Sitecore Installation Framework

Client certificate authentication enabled by default.

Azure Toolkit

Client certificate authentication enabled by default.

By default, any role that accesses an XP service role must use a client certificate for authentication. Refer to the Installation Guide for your version of Sitecore for information about setting up client certificate authentication.

Disable client certificate authentication in a development environment

To disable client certificate authentication in a development environment:

  • Remove the validateCertificateThumbprint setting from the <xp-service-role>\App_Config\AppSettings.config file. Repeat for all XP service.

If you want to disable HTTPS in addition to disabling client certificate authentication, refer to the following documentation:

Note

We do not recommend disabling HTTPS or client certificate authentication in a production environment.