Hi all
I am developing a site for a group of clients who will be connecting to
our site via SSL for security
reasons. I have decided to use client authentication instead of manual
login for added security and will
allow the client to add users to the system via an admin certificate. ie
All clients are issued with admin
certs which in turn are used to generate user certs. I just need a bit
of clarity on some issues and some
help with others.
The way I understand it:
The web server has one public and private key from which you can create
certificates.
The browser has one public and private key from which you can generate
certificates.
If I create a web server certificate, the client needs to insert a root
certificate into his browser, for it to
recognize the site.
How do I:
create the certificate
generate the root certificate
I know there are some sun. classes for handling some of this (there is
an example that comes with
JWS2.0) and that jdk2.0 has some certificate handling functions. The
real problem is inserting the
certificates into the web server and the browser and inserting the ca
root certificate (which I will be
generating.
Any info will be much appreciated!
brian
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
