Client authentication

[Josep Riudavets <jr...@uoc.edu>]

Hi all ... My name is Joseph, from the Technical Univerisity of Catalonia (UPC). This is my first messege here ... 

I'm developing a web application under Apache 1.3.27, with client authentication under a certain path, /htdocs/client_aut ... that is, if a client requires a resource placed under /htdocs/client_aut, he will need to show his or her digital certificate. I have implemented this idea as follows  (httpd.conf):

<Location /usr/local/apache/htdocs/client_aut>
SSLVerifyClient require
SSLVerifiDepth 1
</Location>

I have a created these certificates:

* a CA self-signet certificate, named certificatCA.crt (placed at /conf/ssl.crt) 
* a server certificate, signed by CA, named certificatSERV.crt (placed at /conf/ssl.crt)
* a client certificate, singned by CA, named clientSERV.crt, installed at the client web browser.

And I have configured SSL connection as follows:

SSLCertificateFile path/to/certificatSERV.crt
SSLCertificateKeyfile path/to/clausSERV.key
SSLCACertificateFile path/to/certificatCA.crt

But it does not work ... when I try to acces to the web server from my brownser, server autenthication is OK, but when I choose "clientSERV.crt" in order to authenticate me, it does not work.

Any tip?

Thanks all

Josep

Re: Client authentication

[Conor MacNeill <co...@cortexebusiness.com.au>]

On Thu, 11 Dec 2003 03:20 am, Josep Riudavets wrote:

>
> Any tip?
>
> Thanks all
>
> Josep


Josep, 

This list is for the management of the Apache Jakarta project. Questions 
regarding httpd should be directed to the httpd project. Find the appropriate 
list here

http://httpd.apache.org/lists.html

Conor



---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@jakarta.apache.org
For additional commands, e-mail: general-help@jakarta.apache.org