Message

Return-Path: Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 24469 invoked by uid 500); 29 Sep 2002 09:18:17 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: list-post: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 24458 invoked from network); 29 Sep 2002 09:18:16 -0000 Received: from unknown (HELO anjalrelay) (194.170.154.6) by daedalus.apache.org with SMTP; 29 Sep 2002 09:18:16 -0000 Received: from anjalmail ([172.17.1.9]) by anjalrelay (Lotus Domino Release 5.0.9) with ESMTP id 2002092913314586:1431 ; Sun, 29 Sep 2002 13:31:45 +0400 Received: from sarath ([128.1.100.5]) by anjalmail (Lotus Domino Release 5.0.9) with ESMTP id 2002092913171734:1046 ; Sun, 29 Sep 2002 13:17:17 +0400 Reply-To: From: "Sarath Chandra M" To: Date: Sun, 29 Sep 2002 13:15:56 +0400 Organization: UAE Exchange Centre Message-ID: <003b01c26798$d13422a0$05640180@sarath> MIME-Version: 1.0 X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.3416 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Importance: Normal X-MIMETrack: Itemize by SMTP Server on MAIL/UAE Exchange(Release 5.0.9 |November 16, 2001) at 09/29/2002 01:17:17 PM, Serialize by Router on MAIL/UAE Exchange(Release 5.0.9 |November 16, 2001) at 09/29/2002 01:17:18 PM, Serialize complete at 09/29/2002 01:17:18 PM, Itemize by SMTP Server on RELAY/UAE Exchange(Release 5.0.9 |November 16, 2001) at 09/29/2002 01:31:45 PM, Serialize by Router on RELAY/UAE Exchange(Release 5.0.9 |November 16, 2001) at 09/29/2002 01:31:52 PM, Serialize complete at 09/29/2002 01:31:52 PM Content-Type: multipart/alternative; boundary="----=_NextPart_000_003C_01C267BA.5845C2A0" X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N Subject: [users@httpd] Apache 2.0.39 + ssl + ldap with client certificate authentication ------=_NextPart_000_003C_01C267BA.5845C2A0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii" Dear group, Has anybody tried doing ldap client certificate authentication for an apache 2.0.39 ssl server ? Our environment is : RedHat linux 7.1 kernel 2.4.x apache 2.0.39 (inc. mod_ssl) openssl-engine-0.9.6g openldap (on a different redhat linux server) The apache website has a verisign server certificate, a self-signed CA certificate and all clients have certificates in the ldap server signed by this CA. When clients present their certificate to browse the Apache secure site, Apache should check the existence of their certificate in the LDAP server and also the validity of the contents of the certificate presented. Kindly provide some direction to any solution or resources related to this issue. Any help would be highly appreciated. TIA Sarath ------=_NextPart_000_003C_01C267BA.5845C2A0 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset="us-ascii" Message

Dear group,
Has anybody tried doing ldap client certificate=20 authentication for an apache
2.0.39 ssl server ?

Our = environment is=20 :
RedHat linux 7.1 kernel 2.4.x
apache 2.0.39 (inc.=20 mod_ssl)
openssl-engine-0.9.6g
openldap (on a different redhat = linux=20 server)

The apache website has a verisign server certificate, a=20 self-signed CA
certificate and all clients have
certificates in = the ldap=20 server signed by this CA.

When clients present their certificate = to=20 browse the Apache secure site,
Apache should check the
existence = of their=20 certificate in the LDAP server and also the validity of
the contents = of the=20 certificate presented.

Kindly provide some direction to any = solution or=20 resources related to this
issue.

Any help would be highly=20 appreciated.

TIA
Sarath

------=_NextPart_000_003C_01C267BA.5845C2A0--