Re: Client Authentication and Access Control

2005-06-14 Thread yvin Smme
Joe Orton wrote: On Fri, Jun 03, 2005 at 08:56:56AM +0200, yvin Smme wrote: Method 2 (SSLRequire): The user-id field is just '-'. Can I somehow configure apache/mod_ssl to only store certain elements of the DN (e.g. the CN in the DN) as the user-id in the access-log? mod_ssl in httpd 2.0

Re: Client Authentication and Access Control

2005-06-14 Thread yvin Smme
yvin Smme wrote: Joe Orton wrote: On Fri, Jun 03, 2005 at 08:56:56AM +0200, yvin Smme wrote: Method 2 (SSLRequire): The user-id field is just '-'. Can I somehow configure apache/mod_ssl to only store certain elements of the DN (e.g. the CN in the DN) as the user-id in the access-log?

Client Authentication and Access Control

2005-06-03 Thread Øyvin Sømme
Hi. I have read the instructions at: http://www.modssl.org/docs/2.8/ssl_howto.html#ToC9 and successfully set up a web server which runs HTTPS and requires client certificates for authentication. However, I am not 100% pleased with neither of the *two* methods. What I dislike is the *user-id*

Re: Client Authentication and Access Control

2005-06-03 Thread Joe Orton
On Fri, Jun 03, 2005 at 08:56:56AM +0200, yvin Smme wrote: Method 2 (SSLRequire): The user-id field is just '-'. Can I somehow configure apache/mod_ssl to only store certain elements of the DN (e.g. the CN in the DN) as the user-id in the access-log? mod_ssl in httpd 2.0 supports the

Problems with Client authentication and access control

2002-04-03 Thread haldor
Hello. I have successfuly done Client Authentication using client certificates with apache-openssl-modssl. SSLVerifyClient none Directory /usr/local/apache/htdocs/secure/area SSLVerifyClient require SSLVerifyDepth 5 #SSLCACertificateFile conf/ssl.crt/ca.crt

Client Authentication and Access Control

1999-05-31 Thread Fabrizio Pivari
I've read the mod_ssl documentation about Client Authentication and Access Control part. I've found this part very interesting and I'd like to test it. Could you explain me the OpenSSL commands to create client certificates signed by my CA certificate? I've already created my CA certificate