Sarva, On Nov 3, 2010, at 9:31 AM, Saravanan Kannan wrote:
> We need some guidance (or) installation steps on how to implement the PKI > token certificates with Apache Web Server 2.2.3 for authentication purposes. > Currently our production environment uses the iPlanet 6.1 webserver and > Weblogic 10.0 as the application layer. The iPlanet 6.1 webserver will be > migrated to Apache 2.2.3 and the PKI Token certificate will be configured for > the authentication. We currently do not have expertise in our group in how to > configure the Apache 2.2.3 webserver with the PKI token certification for > authentication. Any reference materials or steps invovled in configuring the > PKI Token certificate for authentication will be helpful. Apache comes with mod_ssl, which runs on top of OpenSSL. OpenSSL uses PEM-encoded key and certificate files: it does not have the concept of a Token like iPlanet does. You need to export the key, certificate and certificate chain from the Token into PEM files for use by Apache. There is a module called mod_nss which uses the Netscape Security Library, the same crypto back-end used by iPlanet. This should allow you to use the same Token that you currently use. It was created by Red Hat, so I don't know if it's available on SuSE. I have not tried it. > OS = Linux ( SLES 10 MP2) > Apache Version = 2.2.3 Are you using Apache 2.2.3 as it came with your operating system? If you downloaded and installed it yourself, keep in mind that 2.2.3 is quite old and we have released new versions since. If you got it from SuSE, they will update it for you. S. -- Sander Temme scte...@apache.org PGP FP: FC5A 6FC6 2E25 2DFD 8007 EE23 9BB8 63B0 F51B B88A View my availability: http://tungle.me/sctemme --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
