Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Client Cert mapping in Apache

Status
Not open for further replies.
thomaswoo

thomaswoo

MIS
Dec 4, 2000
16
0
0
HK
Hi all,

Is there anyway that I can set the "Client Certificate mapping" in Apache, just that in IIS ?

Basically, I just want to open my web site to my client using digitial cert as authorization.

Thanks !
 
Sort by date Sort by votes
Put something like this in your config:

Code: 
<VirtualHost secure.you.com:443>
    SSLEngine on
    SSLCertificateFile /path/to/apache/conf/ssl.crt/secure.you.com.crt
    SSLCertificateKeyFile /path/to/apache/conf/ssl.key/server.key
</VirtualHost>
 
Upvote 0 Downvote
Hum, I guess that he want the clients to be authentified by key, like to replace the password. What you offered him wont do it. I know that you can do that but I never did it. What version of apache are you using? Because you can find some information about mod_ssl that will explaing you how to do that if you have apache 1.3. Your best bet is to go at and look at the ssl module.
 
Upvote 0 Downvote

Ah, right, I read the question wrong. I've never done it either.
 
Upvote 0 Downvote
Thanks ericbrunson and nokernel !!

nokernel is correct, I would like to use client cert to replace username + password authentication. (sorry, I spell it wronly in my first message.)

The apache version on my inux box is 2.0.50





 
Upvote 0 Downvote
I have some better stuff for you, witch you can find it there.

************************************
How can I authenticate clients based on certificates when I know all my clients?

When you know your user community (i.e. a closed user group situation), as it's the case for instance in an Intranet, you can use plain certificate authentication. All you have to do is to create client certificates signed by your own CA certificate ca.crt and then verify the clients against this certificate.
httpd.conf

# require a client certificate which has to be directly
# signed by our CA certificate in ca.crt
SSLVerifyClient require
SSLVerifyDepth 1
SSLCACertificateFile conf/ssl.crt/ca.crt
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

AbidingDude
  • Locked
  • Question
Newbie Apache Cache Question
Replies
5
Views
118
AbidingDude
AbidingDude
msk69
  • Locked
  • Question
Certificates 1
Replies
4
Views
70
iggsterman
iggsterman
daniel.warner
  • Locked
  • Question
Desperately need help setting up wildcard certs on Apache/Tomcat
Replies
2
Views
90
daniel.warner
daniel.warner
hobbytech
  • Locked
  • Question
Internet not connecting
Replies
5
Views
81
Stephen_Hawk
Stephen_Hawk
Frank DBA
  • Locked
  • Question
Apache XForwardedFor Header
Replies
1
Views
46
RhythmAce
RhythmAce

Part and Inventory Search

Sponsor

Back
Top