Re: Certificates Revocation Lists and Apache...

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



John Doe wrote:

> The goal is to be able to distribute client certificates to filter web
> access to certain resources.

How about using just basic user names and passwords? Seems a lot
simpler. Client certs can really make things messy and complicated,
I worked with them a bunch several years ago, ENDLESS headaches, and
we weren't using CRL formally at least, the application had a sort
of CRL built into it, where we specifically registered certain
CN's with the app, and apache just acted as a pass through mechanism
to the app(which was java/tomcat).

http://httpd.apache.org/docs/2.2/mod/mod_auth_digest.html

nate

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux