Hi
This is my first mail to this list so I apologise if I "mess up"!
I would like to hear some comments from you and also ask some questions.
Currently i'm working on a univ. in Portugal, where I'm writing (actually me
and my future wife :)) a web-based app that manages the "academical part" (i
don't know the right english word for this) of the univ (meaning that the
students can enrool on-line, the teachers can evaluate and send the students
grades on-line, etc).
So far we are using mod_ssl just to check passwords and send the most important
that through it but we would like to have more.
We would like to force people to get a certificate signed by us to have access
to the system. I think this is possible (there is one directive
SSLVerifyClient). The problem is on the client side. I think that the
certificates after being signed by us must be imported into netscape (let's
forget ie for now). First Question: How do i generate a certificate and import
into netscape (using ssleay)?.
Another question that i have is how do i tell netscape that I know a new CA (me
in this case) and i want it to accept it's certificates?
That's about it! Thank you for your attention! See y'a !
P.S : Do you think We're exagerating on the security we're trying to build into
this thing ? Thanks!
Mario Filipe
[EMAIL PROTECTED]
-----> http://neptuno.sc.uevora.pt/~mjnf
______________________________________________________________________
Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
