Morning all..
I have a web app and for certain areas of the site I wish to restrict access to a Client Authentication certificate. I want to generate a root Certificate for my company domain and then sub domains for a variety of customers. Then I wish to be able to generate certificates for certain users within these sub domains.

My questions are:

Can I build a root certificate that is not signed by someone like Verisign or any other trusted root? (This is a cost issue).

Can I implement the Client Authentication on a server which does not have SSL implemented?

Can I implement the Client Authentication on a server which already has an SSL certificate, signed by someone like Verisign and effectively run both?

Would appreciate your thoughts and also any pointers on where to start digging.

TIA
Mark