Hi Jeffrey,
Client SSL certificates for authentication does not require apache.
How did you create your client certificate, and how did you add it to your
browser? Did you also add your CA root certificate to the browser?
Best regards,
Wim.
2014-02-01 Jeffrey Scott Flesher Gmail <jeffrey.scott.fles...@gmail.com>:
> Do you need to have Apache setup on the Machine if you are only use
> wt-httpd in the methods in your example SSLClientAuth?
>
> I have setup a Self Signed Cert, I am using QtCreator with the run command:
> --docroot . --http-address 0.0.0.0 --http-port 8080 --ssl-certificate
> /etc/httpd/conf/server.crt --ssl-private-key /etc/httpd/conf/server.key
> --ssl-tmp-dh=projects/ssl/dh512.pem --ssl-enable-v3
> --ssl-client-verification=required --ssl-verify-depth=15
> --ssl-ca-certificates=/etc/httpd/conf/server.crt
>
> Note: I do not have ssl-tmp-dh, nor do I know if its required, but same
> results without it, in fact, same with just --docroot . --http-address
> 0.0.0.0 --http-port 8080,
> which makes me wonder if I am doing this right.
>
> I used this script to create the Cert:
> cd /etc/httpd/conf/
> sudo openssl genrsa -out server.key 4096
> sudo chmod 600 server.key
> sudo openssl req -new -key server.key -out server.csr
> sudo openssl x509 -req -days 365 -in server.csr -signkey server.key -out
> server.crt
> and it checked out ok, so the paths to the cert are there and verified.
>
> I hit the code message:
> Not an SSL session, or no client certificate available. Please read the
> readme file in examples/feature/client-ssl-auth for more info.
>
> Then I tried to get more info by doing this:
> Wt::WValidator::Result results = sslInfo->clientVerificationResult();
> new Wt::WText("Not an SSL session, or no client certificate available.
> Please read the readme file in examples/feature/client-ssl-auth for more
> info." + results.message(), root());
> This didn't work, or its not the right way to do it, any clue which one?
>
> After a long recovery from being hit in the head by a Micro Meteorite, I
> am back to working on the Witty Wizard CMS,
> I do not want to have Apache installed for security reasons,
> I want to require a public/private Cert, but do not want it to bomb if its
> not there,
> but if it is, give the user a button to log in using the servers users,
> so I can log in as root, and run root commands from the web page,
> like Virtualmin or cPanel,
> so I can maintain the server from the CMS,
> so I was wondering if you have a function to authenticate using local
> users on the server its ran from?
>
> If this requires Apache, is there a workaround to make something like this
> work without?
>
> What I need is the most secure way to log in as root and run root commands.
>
> Thanks
>
>
>
> ------------------------------------------------------------------------------
> WatchGuard Dimension instantly turns raw network data into actionable
> security intelligence. It gives you real-time visual feedback on key
> security issues and trends. Skip the complicated setup - simply import
> a virtual appliance and go from zero to informed in seconds.
>
> http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
> _______________________________________________
> witty-interest mailing list
> witty-interest@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/witty-interest
>
>
------------------------------------------------------------------------------
Managing the Performance of Cloud-Based Applications
Take advantage of what the Cloud has to offer - Avoid Common Pitfalls.
Read the Whitepaper.
http://pubads.g.doubleclick.net/gampad/clk?id=121051231&iu=/4140/ostg.clktrk
_______________________________________________
witty-interest mailing list
witty-interest@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/witty-interest
