SEC_DAEMON_INTEGRITY = REQUIRED
SEC_DAEMON_AUTHENTICATION = REQUIRED
SEC_DAEMON_AUTHENTICATION_METHODS = SSL
+SEC_NEGOTIATOR_INTEGRITY = REQUIRED
+SEC_NEGOTIATOR_AUTHENTICATION = REQUIRED
+SEC_NEGOTIATOR_AUTHENTICATION_METHODS = SSL
+
+# If you have a mapfile, set this to the HTCondor canonical name instead
ALLOW_DAEMON = ssl@unmapped
# SSL cert and key locations
@@ -23,6 +28,12 @@
AUTH_SSL_SERVER_CAFILE = $(SSL_DIR)/certs/ca.pem
AUTH_SSL_SERVER_CERTFILE = $(SSL_DIR)/certs/$(FULL_HOSTNAME).pem
AUTH_SSL_SERVER_KEYFILE = $(SSL_DIR)/private_keys/$(FULL_HOSTNAME).pem
+
+# For Windows:
+SEC_CLIENT_AUTHENTICATION_METHODS = NTSSPI, SSL
+
+# For Linux:
+SEC_CLIENT_AUTHENTICATION_METHODS = FS, SSL
{endcode}
Finally, reconfigure your pool to have the new settings take effect:
