Duane, Is that going to work under IIS?
"Duane" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Mike Stokes wrote: >> I think we're talking about two different things. I want to deliver and >> install a client cert on a remote workstation programmatically. Aren't >> you >> refering to the client's cert subject returned in the HTTP header? Maybe >> I'm >> lost. I've worked tangentially with certs for years. This is the first >> time >> I've ever had to get low level so there may be exploitable gaps in my >> understanding. :) > > You need to stop thinking how MS handles it, they are completely > different. You whack a small html tag which shows the different key > sizes along with a couple of other tags, and it gets submitted as a > form, just like the MS active x it isn't a complete CSR you need to add > additional text to the returned information to then shove it through > something like OpenSSL, then you return it to the user in DER format. > You only need to alter headers if you're scripting it to change the mime > type. > > -- > > Best regards, > Duane > > http://www.cacert.org - Free Security Certificates > http://www.nodedb.com - Think globally, network locally > http://www.sydneywireless.com - Telecommunications Freedom > http://happysnapper.com.au - Sell your photos over the net! > http://e164.org - Using Enum.164 to interconnect asterisk servers > > "In the long run the pessimist may be proved right, > but the optimist has a better time on the trip." _______________________________________________ Mozilla-security mailing list Mozilla-security@mozilla.org http://mail.mozilla.org/listinfo/mozilla-security