Hi Roger,
I think the easiest way would be to:
- enable the SSL (with client optional in Apache)
- add a check in the certificate request command that check for the
existence of the env variable where the client certificate is
(be sure to enable only your CA's certificate as a valid CA for
Hi;
Yes, for requesting host/service certificates and for requesting re-keying
of user certificates, I wish to have the requests authenticated with the
requestor's own user certificate.
Roger
Massimiliano Pala-3 wrote:
>
> Hi Roger,
>
> So.. tell me more about what you want to do. How
Hi Roger,
So.. tell me more about what you want to do. How you want to restrict the
request for an host certificate ? Based on what ? A user certificate or
what ?
Later,
Max
On 08/19/2010 03:24 PM, RogerImpey wrote:
Hi:
Thanks for the rapid reply.
Is there another way to do the same thing
Hi:
Thanks for the rapid reply.
Is there another way to do the same thing? That is, provide some form of
authentication for the requests for host/service certificates, while keeping
the request of user certificates open.
Or maybe I am thinking about it all wrong, and there are completely
differ
Hello Roger,
unfortunately I have to say that the issue has not been addressed. This
is for many reasons, actually.
Because of the problems exposed here, I decided to provide a more fine-grained
access support with the next releases of OpenCA. The problem I am facing
at the moment is the lack of
Hi:
Was this post's question answered? I have exactly the same problem. Is there
a good way around?
Roger
Arsen Hayrapetyan wrote:
>
> Hi all (especially developers),
>
> Long ago I posted a question about restriction of access to parts of the
> openca interfaces. There was no solution
Hi all (especially developers),
Long ago I posted a question about restriction of access to parts of the
openca interfaces. There was no solution to it.
I am trying to do this with RBAC, but the system is too rigid.
The problem is following.
I have two web-pages on my openca Public interface:
1
