Menu
The question is very clear but I did not find any useful tutorial online. So I wish I could have some luck here.
Basically, I want to build a client certificate authentication with Apache. I configured the conf file for Apache for the site I am hosting. The conf I put is here:
SSLVerifyClient require
SSLVerifyDepth 1
SSLCACertificateFile /etc/apache2/ssl/client.crt
However I have no idea how to generate the certificate and key file for the client. And also, what file should I put on the SSLCACertificateFile in the Apache server configurations?
Does the server simply compare the certificate file sent from client with the certificate file on the server? What exactly the client certificate authentication is doing ?
732
Go to the Advanced Settings section of the page and scroll down to the SSL/TLS subsection. Select the required Client Authentication mode. Required: The server requests the client for a certificate; if the client does not provide a certificate, the connection is closed.
SSL-enabled client software always requires server authentication, or cryptographic validation by a client of the server's identity. The server sends the client a certificate to authenticate itself. The client uses the certificate to authenticate the identity the certificate claims to represent.
You'll find instructions on how to create a CA cert and certs signed by this CA cert here: http://pages.cs.wisc.edu/~zmiller/ca-howto/
Things go like this:
You can then check that the client presents a certificate which is "signed" by the CA.
88
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
