On Fri, Jan 12, 2001 at 01:37:42PM +0100, Tim Tassonis wrote:
> > >
> > > I want to force mod_ssl to ban self-signed certificates from being
> > > accepted as valid certificates. From what I remember, one suggestion
> was
> > > to use SSLRequire in order to compare the subject_dn to the
> issuers
> >
> > I want to force mod_ssl to ban self-signed certificates from being
> > accepted as valid certificates. From what I remember, one suggestion
was
> > to use SSLRequire in order to compare the subject_dn to the
issuers_dn.
> > But this seems to be easily fakeable:
> >
> > 1. Create a self s
On Fri, Jan 12, 2001 at 11:33:30AM +0100, Tim Tassonis wrote:
> Hi
>
> I've got a question regarding client authentication and self signed
> certificates:
>
> I want to force mod_ssl to ban self-signed certificates from being
> accepted as valid certificates. From what I remember, one suggestion
Hi
I've got a question regarding client authentication and self signed
certificates:
I want to force mod_ssl to ban self-signed certificates from being
accepted as valid certificates. From what I remember, one suggestion was
to use SSLRequire in order to compare the subject_dn to the issuers_dn.