* * * * *

                  Authenticating web users via SSL, part II

Back in September, I set up web authentication via signed certificates [1]
but it was primarily a manual process. After creating the certificate
authority (and installing the certificate authority into my browser so it
wouldn't complain), I then generated a certificate request (on the command
line), signed the request (on the command line) and installed the freshly
signed certificate into my browser, so I could use that certificate to
authenticate myself to my webserver.

If that makes any sense.

Obligatory Sidebar Links

* When you want a really strong security on the web, it's a good idea to use
 SSL [2]
* Netscape Client Certificate Management [3]
* spkac(1) [4]


Anyway, it is possible to have this handled automagically between the browser
and webserver [5], but sadly, there isn't much information out there about
doing so. I only found three pages with any real information; two cover the
same material, and one just covers part of the openssl command required to
work with this stuff.

And of course, it doesn't work with IE (Internet Explorer) (thank you so
much, Microsoft [6]).

[1] gopher://gopher.conman.org/0Phlog:2008/09/08.1
[2] http://lists.whatwg.org/pipermail/whatwg-whatwg.org/attachments/20080714/07ea5534/attachment.txt
[3] http://old.pseudonym.org/ssl/ssl_nsclient_certs.html
[4] http://www.openssl.org/docs/apps/spkac.html
[5] http://www.flutterby.com/archives/comments/11692.html#artid_40323
[6] http://www.microsoft.com/

Email author at [email protected]

You are viewing proxied material from gopher.conman.org. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.