RE: Creating client certificates ?

Thu, 04 Apr 2002 02:10:35 -0800 

When a client browser reaches an SSL-secured page, the browser checks to 
see whether the 'server' certificate is trusted. In Internet Explorer 5.5, 
you can view a list of trusted certificates from: (Menu) Tools|Internet 
Options... -> Content TAB | Certificates.. BUTTON.
You should be able to view all installed certificates.

These certificates have either been pre-installed, or installed when 
visiting an SSL-site and agreeing to download. This is how a 'client' 
certificate exists.

An easy way of getting hold of the 'client certificate' that you yourself 
have signed (mine is attached) is by going to your own site and agreeing to 
trust your site (!). The certificate would then be installed on your 
machine. Then view all installed certificates (explained above for IE), and 
Export the certificate.

Doing all this allows you to pass on a copy of your certificate to someone, 
and tell them to Import it into their trusted list. I feel it's all a bit 
unneccesary, but now you should be "able to create a client certificate 
which is signed by my own CA for client authentication." !


Shiraz


-----Original Message-----
From:   [EMAIL PROTECTED] [SMTP:[EMAIL PROTECTED]]
Sent:   Thursday, April 04, 2002 12:43 AM
To:     [EMAIL PROTECTED]
Subject:        Re: Creating client certificates ?

[EMAIL PROTECTED] wrote:
>
> Hello modssl users !
>
> I managed to set up an ssl aware web server.
> Although I searched the web and also the list
> archive I haven't been able to create a client
> certificate which is signed by my own CA for
> client authentication.
>
> Could someone describe the process of creating
> such a certificate in detail ?


Thank you Owen for your answer but you misunderstood
my question.
And you Maik misunderstood my question, too.
I, of course, read the FAQ and all the other available docs
but they say nothing about creating client (!) certificates !
The process of creating a server certificate is sufficiently
documented in the FAQ and it was no problem for me to
create it.

My question is: How can I create client (!) certificates for
                     client authentication to the server and not
                     server certificates ?!

Anyone ?

--
GMX - Die Kommunikationsplattform im Internet.
http://www.gmx.net
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]

Attachment: designlinks.cer
Description: application/x509-ca-cert

Reply via email to