LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 10-12-2005, 03:13 AM   #1
bezoomny
LQ Newbie
 
Registered: Feb 2004
Distribution: DEBIAN GNU/Linux 2.6.10
Posts: 9

Rep: Reputation: 0
Exclamation Apache, SSL, autentication and third party client certificates


I've running a Apache webserver with mod_ssl installed and working. I can create a CA, server certificates and client certificates and grant access to certain directories based on these certificates.

However, now I want to grant access to a certain directory on this server, based on client certificates that are published by a third party. These certificates are stored on a smartcard. The software that accompanies the smartcard reader that the visitors use installs the client certificates in the Microsoft Certificate Store.
Furthermore I've a certificate chain of 4 or 5 certifcates including the root CA certificate.

I was told that apache can authenticate clients using the information mentioned above, but I can't figure out how. For example, I don't know which certifacte I have to use as server certificate. When I take the last certificate from the chain mentioned above, I get an apache error 'Public Key not found' (which makes sense because I don't have one).

Any help is appreciated. When anyone thinks this is not going to work at all, please let me know as well.

Best regards,
Bas
 
Old 10-13-2005, 07:28 AM   #2
r0b0
Member
 
Registered: Aug 2004
Location: Europe
Posts: 600

Rep: Reputation: 49
Quote:
I was told that apache can authenticate clients using the information mentioned above, but I can't figure out how. For example, I don't know which certifacte I have to use as server certificate.
You can use your old server certificate and still authenticate clients with certificates issued by a third party.
There is no rule which would force the server and client certificates to be issued by the same CA.
See http://httpd.apache.org/docs/2.0/mod...ertificatefile
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
SSL certificates the-chains Linux - Software 0 11-15-2004 07:12 PM
Apache/SSL - works with Windows client but not Linux client RickHDYoung Linux - Security 1 07-01-2004 04:02 PM
Refresh client user list at autentication client/server network. robertoneto123 Linux - Networking 0 11-11-2003 10:38 AM
ssl certificates champ Linux - Security 2 04-05-2003 09:47 AM
ssl certificates Syncrm Linux - General 7 02-26-2003 10:01 AM


All times are GMT -5. The time now is 05:40 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration