The reason why is pretty unimportant, and frankly I don't know what I did to have it working. But suddenly it did.
The task is to have an apache server use SSL with client-certificates for authorization. No problem, you just create your own CA, issue a server certificate, issue a client certificate and convert to PKCS12-format for consumption in your favorite browser, right? Not so fast!
So I made a gist walking through the steps: https://gist.github.com/nwillems/8172932
My starting point was this: https://code.google.com/p/migrid/wiki/ServerInstallNotes#Certificates_-_Manually
And intermediary process has been a lot of googleing seeing all sorts of procedures to accomplish something similar, and then not yet. Some resources has been:
The task is to have an apache server use SSL with client-certificates for authorization. No problem, you just create your own CA, issue a server certificate, issue a client certificate and convert to PKCS12-format for consumption in your favorite browser, right? Not so fast!
So I made a gist walking through the steps: https://gist.github.com/nwillems/8172932
My starting point was this: https://code.google.com/p/migrid/wiki/ServerInstallNotes#Certificates_-_Manually
And intermediary process has been a lot of googleing seeing all sorts of procedures to accomplish something similar, and then not yet. Some resources has been:
- http://lakm.us/logit/2013/01/https-server-client-certificate-pair-1-generate-openssl/ final resource
- http://gagravarr.org/writing/openssl-certs/ca.shtml
- http://gagravarr.org/writing/openssl-certs/general.shtml#cert-convert - didn't really work, but pointed in the right direction.
That pretty much sums it up - have fun authenticating with your new certificates.
Have a happy new years :-)
/Willems
No comments:
Post a Comment