开发者

Web based interface for open SSL client certificates

开发者 https://www.devze.com 2022-12-28 19:42 出处:网络
We are currently developing a apache2-based web application and want to invite some beta testers to give it a try. To be on the safe side,access should be provided by individual browser certificates (

We are currently developing a apache2-based web application and want to invite some beta testers to give it a try. To be on the safe side, access should be provided by individual browser certificates (.p12) which are issued using a (fake) CA. Our users should be passing a complete register/login process and some of them will be granted administrative privileges within the application. That's why a preceding simple web-based authentication won't be sufficient.

Atm, I using a serverside shellscript to generate the certificates each time. Do you know about a small, web-based tool开发者_StackOverflow to simplify the process of generating / revoking those certificates? Maybe an overview of the CA's index.txt plus the option to revoke a cert and a link to download them directly?


The best way to do this is to have the browser generate the key-pair and submit it to the server, where it's signed by your CA and a signed certificate returned to the browser.

There's a Javascript API to make the browser do that.

0

精彩评论

暂无评论...
验证码 换一张
取 消