Hi. After switching the login type to x509 I want to prevent normal users to access the ra web interface.
I don't want to finetune every command in the acl.xml list. So I thought I just set up another certificate directory with all the ra operators certificates and configure the ra.xml like this: <type>x509</type> <chain>/opt/openca93/var/crypto/chain_ra_webui</chain> But that does not work. I still can access the ra page with every certificate of this CA. In fact, even if I point the chain config parameter to a non-existent folder I can do that. Any ideas why that is the case? Thanks, Cheers, Markus ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users
