Hi Mark -
I saw it, and...
don't know the answers for the second two (don't fully understand the
questions) , but yes, you can create your own Certificate Authority, no
problem -- however your clients will each then either have to
click-through various warning dialogues each time, or they will have to
add the root certificate to their list of trusted certificate
authorities. How exactly to do this various from browser to browser (and
OS to OS sometimes)...
--Tim
Mark Benussi wrote:
Morning all..
I have a web app and for certain areas of the site I wish to restrict access
to a Client Authentication certificate. I want to generate a root
Certificate for my company domain and then sub domains for a variety of
customers. Then I wish to be able to generate certificates for certain users
within these sub domains.
My questions are:
Can I build a root certificate that is not signed by someone like Verisign
or any other trusted root? (This is a cost issue).
Can I implement the Client Authentication on a server which does not have
SSL implemented?
Can I implement the Client Authentication on a server which already has an
SSL certificate, signed by someone like Verisign and effectively run both?
Would appreciate your thoughts and also any pointers on where to start
digging.
TIA Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
