Thanks for all your responses. I will try another approach: having a
"special" user only for my middleware, I will try to import the
keys+certificates from the backend when I need them. The backend keeps a
copy of all user certificates and keys, as they are all generated there,
so stablishing a
I think I will have to give up and duplicate client certificates on both
servers. If I am right, the information obtained from the browser
certificate chain will not be enough for stablishing a secure connection
with the backend server, as it lacks the key necessary to encrypt /
decrypt the me
Yes, I know, and I agree with you :_( , but security is important in
this particular project, and one requirement is to not open security
holes in a server (the backend) that is currently considered to be
reasonably secure.
As the frontend is designed to be placed at any point on Internet, and
Rodrigo,
It has been my experience you will not find the performance acceptable.
Using SSL once is expensive. Multiple passes will really hurt. Just my
opinion.
Rick
-Original Message-
From: Rodrigo Ruiz [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 16, 2003 9:30 AM
To: [EMAIL PR
Rodrigo,
It has been my experience you will not find the performance acceptable.
Using SSL once is expensive. Multiple passes will really hurt. Just my
opinion.
Rick
-Original Message-
From: Rodrigo Ruiz [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 16, 2003 9:30 AM
To: [EMAIL PR
