John Doe wrote: > The goal is to be able to distribute client certificates to filter web > access to certain resources. How about using just basic user names and passwords? Seems a lot simpler. Client certs can really make things messy and complicated, I worked with them a bunch several years ago, ENDLESS headaches, and we weren't using CRL formally at least, the application had a sort of CRL built into it, where we specifically registered certain CN's with the app, and apache just acted as a pass through mechanism to the app(which was java/tomcat). http://httpd.apache.org/docs/2.2/mod/mod_auth_digest.html nate _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
Re: Certificates Revocation Lists and Apache...
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: centos@xxxxxxxxxx
- Subject: Re: Certificates Revocation Lists and Apache...
- From: "nate" <centos@xxxxxxxxxxxxxxxx>
- Date: Wed, 4 Nov 2009 08:53:34 -0800 (PST)
- Delivered-to: centos@xxxxxxxxxx
- Importance: Normal
- In-reply-to: <873012.4198.qm@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- References: <209990.78843.qm@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> <47505.10.10.10.51.1257349241.squirrel@xxxxxxxxxxxxxxxxxxxxxxxx> <873012.4198.qm@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- User-agent: SquirrelMail/1.4.9a
- References:
- Certificates Revocation Lists and Apache...
- From: John Doe
- Re: Certificates Revocation Lists and Apache...
- From: nate
- Re: Certificates Revocation Lists and Apache...
- From: John Doe
- Certificates Revocation Lists and Apache...
- Prev by Date: Re: Redhat 7.3 as CentOS 5 domU
- Next by Date: CentOS-announce Digest, Vol 57, Issue 2
- Previous by thread: Re: Certificates Revocation Lists and Apache...
- Next by thread: Re: Certificates Revocation Lists and Apache...
- Index(es):
 |