Recipe 7.5 Authenticating with Client Certificates

Problem

You want to use client certificates to authenticate access to your site.

Solution

Add the following mod_ssl directives to your httpd.conf file:

SSLVerifyClient require SSLVerifyDepth 1 SSLCACertificateFile conf/ssl.crt/ca.crt

Discussion

If you happen to be lucky enough to have a small, closed user community, such as an intranet, or a web site for a group of friends or family, it is possible to distribute client certificates so that each user can identify himself.

Create client certificates, signing them with your CA certificate file, and then specify the location of this CA certificate file using the CACertificateFile directive, as shown above.

See Also

  • Recipe 7.2

  • http://httpd.apache.org/docs-2.0/mod/mod_ssl.html



Apache Cookbook
Apache Cookbook: Solutions and Examples for Apache Administrators
ISBN: 0596529945
EAN: 2147483647
Year: 2006
Pages: 215

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net