httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tom Browder <tom.brow...@gmail.com>
Subject Re: [users@httpd] What verification does Apache do as part of SSLVerifyClient?
Date Sun, 09 Sep 2012 14:21:38 GMT
On Sun, Sep 9, 2012 at 8:59 AM, Pete Houston <ph1@openstrike.co.uk> wrote:
> On Sun, Sep 09, 2012 at 08:36:30AM -0500, Tom Browder wrote:
>> So the client cert. does contain the private key?   Then its password
>> is all that is protecting it?
>
> No, the key is normally (but not always) kept separately.

So, if I generate the certs, I need to make sure I keep the key separate, too.

Note that I have intermediate agents who certifiy the emails (IDs) of
the recipients, plus I plan to have another authentication scheme
after the SSL cert (Persona).

Thanks, Pete.

-Tom

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message