Apache, SSL, autentication and third party client certificates
I've running a Apache webserver with mod_ssl installed and working. I can create a CA, server certificates and client certificates and grant access to certain directories based on these certificates.
However, now I want to grant access to a certain directory on this server, based on client certificates that are published by a third party. These certificates are stored on a smartcard. The software that accompanies the smartcard reader that the visitors use installs the client certificates in the Microsoft Certificate Store.
Furthermore I've a certificate chain of 4 or 5 certifcates including the root CA certificate.
I was told that apache can authenticate clients using the information mentioned above, but I can't figure out how. For example, I don't know which certifacte I have to use as server certificate. When I take the last certificate from the chain mentioned above, I get an apache error 'Public Key not found' (which makes sense because I don't have one).
Any help is appreciated. When anyone thinks this is not going to work at all, please let me know as well.
Best regards,
Bas
|