On Sun, Sep 9, 2012 at 8:59 AM, Pete Houston <ph1@xxxxxxxxxxxxxxxx> wrote: > On Sun, Sep 09, 2012 at 08:36:30AM -0500, Tom Browder wrote: >> So the client cert. does contain the private key? Then its password >> is all that is protecting it? > > No, the key is normally (but not always) kept separately. So, if I generate the certs, I need to make sure I keep the key separate, too. Note that I have intermediate agents who certifiy the emails (IDs) of the recipients, plus I plan to have another authentication scheme after the SSL cert (Persona). Thanks, Pete. -Tom --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|