Re: Client Authuntication and Multiple Certificate Chains
Tridib, I have a similar configuration as you have illustrated. I was able to get client authentication to work with apache_1.3.14 with mod_ssl_2.7.1 and openssl 0.9.5a. I couldn't get client authentication to work with a chain for apache_1.3.12. Try upgrading to apache 1.3.14 and see if that works. For CRLs, I placed each of the CRLs into a CRL directory. I then ran the make command to create the hash links to each of the CRLs. It worked correctly. Hope this helps. Lorrayne Tridib wrote: > Hi > > Could you please help me how can I implement client authentication if there is >multiple certificate chain. I am usnig Apache_1.3.12+ Ben's SSL_1.40(Linux) and >certificate chain looks like following: > > CERTIFICATE CHAIN HIERARCHY > > Root Certificate > > | | || > | | || > | | || > | | || > | | || > CA1 CA2CA3 CA4 (Certification Authority) > | | || > | | || > | | || > Client Client Client Client > Cert1 Cert2 Cert3 Cert4 > > Please also suggest how CRLs (because I guess there will four CRLs signed by four >CAs) can be checked before client authentication. > > Thank you > Tridib > > _ > Chat with your friends as soon as they come online. Get Rediff Bol at > http://bol.rediff.com > > _ > Chat with your friends as soon as they come online. Get Rediff Bol at > http://bol.rediff.com > > __ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Client Authuntication and Multiple Certificate Chains
Hi Could you please help me how can I implement client authentication if there is multiple certificate chain. I am usnig Apache_1.3.12+ Ben's SSL_1.40(Linux) and certificate chain looks like following: CERTIFICATE CHAIN HIERARCHY Root Certificate | | || | | || | | || | | || | | || CA1 CA2CA3 CA4 (Certification Authority) | | || | | || | | || Client Client Client Client Cert1 Cert2 Cert3 Cert4 Please also suggest how CRLs (because I guess there will four CRLs signed by four CAs) can be checked before client authentication. Thank you Tridib _ Chat with your friends as soon as they come online. Get Rediff Bol at http://bol.rediff.com _ Chat with your friends as soon as they come online. Get Rediff Bol at http://bol.rediff.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Multiple Certificate
Hi Mark, You need one IP address for each certified domain name. So you can't use CNAME record. Rgds. Martin Mark Lo wrote: > Hi, > >How to host multiple domain with real digital certificate for > each domain name by using CNAME record. Is it possible to do it. > > Thank You > > Mark Lo > > __ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Multiple Certificate
Hi, How to host multiple domain with real digital certificate for each domain name by using CNAME record. Is it possible to do it. Thank You Mark Lo __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]