Configuring Client Certificate Authentication

This document is for:
Invicti Standard, Invicti Enterprise On-Premises, Invicti Enterprise On-Demand

Invicti supports the Client Certificate Authentication mechanism, enabling you to configure scans for websites that require Client Certificate authentication.

It is not possible to configure both Client Certificate Authentication and Smart Card Authentication at the same time.

For further information, see Configuring Smart Card Authentication in Invicti Standard.

Ensure that the selected certificate is NOT imported with strong key protection.

Client Certificate Fields

This table lists and describes the fields in the Authentication Client Certificate section.



Client Certificate

Select to enable a client certificate to be used to log in to the web application.


Click to browse and upload the certificate file.


Enter the password for the certificate.

How to Configure Client Certificate Authentication in Invicti Enterprise
  1. Log in to Invicti Enterprise.
  2. From the main menu, click Scans, then New Scan. The New Scan window is displayed.
  3. From the Authentication tab, select Client Certificate. The Client Certificate section is displayed.
  4. Select the Enabled checkbox.

5. Click Browse to upload the certificate

6. Select a file, then click Open.

In Invicti Enterprise, client certificate files can only be added in the following formats: cer, crt, der, pem, pfx, p7b, p7r, p12, spc.

7. Click Start Scan.

How to Configure Client Certificate Authentication in Invicti Standard
  1. Open Invicti Standard.
  2. From the Home tab, click New. The Start a New Website or Web Service Scan dialog is displayed.

3. Click the Client Certificate tab. The Client Certificate Authentication section is displayed.

4. In the Client Certificate Authentication section, check Enabled.

5. From the dropdown, select the required certificate.

6. Alternatively, click Add New to add a new client certificate. The Certificate to Install dialog is displayed.

7. Select file.

  • Click on file.

  • Click Open

Client certificate files can only be added in PFX (Personal Information Exchange) or Cert (Digital Certificate) formats.

8. Click Start Scan.

Invicti Help Center

Our Support team is ready to provide you with technical help.

Go to Help Center This will redirect you to the ticketing system.