Search
Member List
Calendar
Help
|
Can't get Client certificates to work
|
|
2013-03-25, 13:20
Post: #5
|
|||
|
|||
RE: Can't get Client certificates to work
(2013-03-25 11:57)mcb30 Wrote: I haven't tested, but I suspect that Apache wants the CA certificate that signed the client certificate specified here, rather than the client certificate itself. Try: Hi Michael! Thank's for your reply. I've recreated all keys and certs (the way I did describe in my first post) to be sure they match and then I tried to use ca.crt - same result. With client-certificate verification turned on, the client won't start but does so if the verification is switched off. :-( Since I know that common-name can't be omitted and must be a valid address I also have tried using the clients ip in the client certificate with no result (even this would work, this would make problems in a real environment since I do not really know the clients ip) In the "docu" theres a cross certificate mentioned (openssl ca -config ca.cnf -extensions cross -notext -preserveDN -ss_cert startcom.crt -out startcom-cross.crt) but I do not know if an how this is important for me. How should I use this certificates? Thorsten |
|||
|
|
« Next Oldest | Next Newest »
|
| Messages In This Thread |
|
Can't get Client certificates to work - Viator - 2013-03-22, 18:42
RE: Can't get Client certificates to work - mcb30 - 2013-03-23, 22:02
RE: Can't get Client certificates to work - Viator - 2013-03-25, 09:56
RE: Can't get Client certificates to work - mcb30 - 2013-03-25, 11:57
RE: Can't get Client certificates to work - Viator - 2013-03-25 13:20
RE: Can't get Client certificates to work - mcb30 - 2013-03-25, 13:50
RE: Can't get Client certificates to work - robinsmidsrod - 2013-03-28, 22:04
RE: Can't get Client certificates to work - Viator - 2013-03-29, 09:58
RE: Can't get Client certificates to work - robinsmidsrod - 2013-03-29, 17:19
RE: Can't get Client certificates to work - Viator - 2013-04-02, 14:43
|
User(s) browsing this thread: 1 Guest(s)