OpenSSL 0.9.6, Apache 1.3.14 - Client Certificates Help Needed

OpenSSL 0.9.6, Apache 1.3.14 - Client Certificates Help Needed

Post by Tom Vaugha » Wed, 15 Nov 2000 04:00:00

> Greetings:

> I configured & compiled OpenSSL & Apache and installed them under
> /usr/local/ssl and /usr/local/apache. I then followed the OpenSSL FAQ
> which mentions how to create certificates using the 'openssl' command. I
> created the server certificate and modified the httpd.conf in
> /usr/local/apache/conf to reflect the certificate file & directory.


> The question I have are:

> a. The FAQ mentions how to create a 'client certificate' and distribute
> it to the client. How is this performed? If the client is using a
> netscape browser, how is this certificate installed. I tried installing
> the certificate (X509) but it seems that the browser recognizes some
> other format. If someone can outline the operations & steps to install
> the client certificate, it would be great.

Wish I knew a better link right now, but poke around the openca package:


> b. What essentially I want to perform is that access to the web site is
> only allowed to folks who can be authenticated and identified. So the
> server side will issue client certificates and would distribute it to
> the clients. The distribution and usage of these certificates, exactly
> how it happens, with respect to OpenSSL, is the information I am
> seeking.


> Any information on the above is apreciated as I read most of the FAQs
> and documentation and have been unable to figure this one out.

> Thanks.

> Regards,

> Bobby Sardana.

Tom Vaughan <tom at vaughan dot to>