Do you need to have Apache setup on the Machine if you are only use
wt-httpd in the methods in your example SSLClientAuth?
I have setup a Self Signed Cert, I am using QtCreator with the run
command:
--docroot . --http-address 0.0.0.0 --http-port 8080
--ssl-certificate /etc/httpd/conf/server.crt
--ssl-private-key /etc/httpd/conf/server.key
--ssl-tmp-dh=projects/ssl/dh512.pem --ssl-enable-v3
--ssl-client-verification=required --ssl-verify-depth=15
--ssl-ca-certificates=/etc/httpd/conf/server.crt
Note: I do not have ssl-tmp-dh, nor do I know if its required, but same
results without it, in fact, same with just --docroot . --http-address
0.0.0.0 --http-port 8080,
which makes me wonder if I am doing this right.
I used this script to create the Cert:
cd /etc/httpd/conf/
sudo openssl genrsa -out server.key 4096
sudo chmod 600 server.key
sudo openssl req -new -key server.key -out server.csr
sudo openssl x509 -req -days 365 -in server.csr -signkey server.key -out
server.crt
and it checked out ok, so the paths to the cert are there and verified.
I hit the code message:
Not an SSL session, or no client certificate available. Please read the
readme file in examples/feature/client-ssl-auth for more info.
Then I tried to get more info by doing this:
Wt::WValidator::Result results = sslInfo->clientVerificationResult();
new Wt::WText("Not an SSL session, or no client certificate available.
Please read the readme file in examples/feature/client-ssl-auth for more
info." + results.message(), root());
This didn't work, or its not the right way to do it, any clue which one?
After a long recovery from being hit in the head by a Micro Meteorite, I
am back to working on the Witty Wizard CMS,
I do not want to have Apache installed for security reasons,
I want to require a public/private Cert, but do not want it to bomb if
its not there,
but if it is, give the user a button to log in using the servers users,
so I can log in as root, and run root commands from the web page,
like Virtualmin or cPanel,
so I can maintain the server from the CMS,
so I was wondering if you have a function to authenticate using local
users on the server its ran from?
If this requires Apache, is there a workaround to make something like
this work without?
What I need is the most secure way to log in as root and run root
commands.
Thanks
------------------------------------------------------------------------------
WatchGuard Dimension instantly turns raw network data into actionable
security intelligence. It gives you real-time visual feedback on key
security issues and trends. Skip the complicated setup - simply import
a virtual appliance and go from zero to informed in seconds.
http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
_______________________________________________
witty-interest mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/witty-interest
