Improve company productivity with a Business Account.Sign Up

x
?
Solved

Client Side Authentication Internet Explorer

Posted on 2004-09-07
9
Medium Priority
?
197 Views
Last Modified: 2010-05-18
Hi,

I am looking to implement a more advanced secure authentication of users who will have access to our internal business web systems.

We are using sessions, htaccess restricted IP and we also want to restrict the access unless the pc has the client side authentication.  A lot of banks use this method and the certificate is installed in the "Tools", "Internet Options", "Content", "Certificates".  

This will heighten the security of our system and who has access.

Can anyone help?

Thanks
0
Comment
Question by:mdmarkbowman
  • 4
  • 3
7 Comments
 
LVL 51

Expert Comment

by:ahoffmann
ID: 11999605
are you talking about "SSL Client Certificates"?
0
 

Author Comment

by:mdmarkbowman
ID: 12002212
I think they may be called this??  Yeah they are the certificates that are issued by a company/organistion.  So for example: if i don't have the issued certificate installed on the pc i work from I could not acces my systems.

I had to download one to get to our Business Internet Banking.  So our Internet banking can only be accessed from my computer at home and know where else.

Does this help?
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 12007586
ok, you want client certs, and what is your question about?
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 

Author Comment

by:mdmarkbowman
ID: 12008673
Thanks for getting back to me.  Well I just want to know about the process involved in getting this kind of authentication implemented.  I kinda made the assumption that over the past day or two from looking on the web that you buy the client certs from some (CA).  

But after signing up on Business Internet Banking with my bank it required that I downloaded the Digital ID from the banks server and install it.  Then it allows me to access the internet banking site.

We use a Linux Server running apache.  

Thanks

Mark
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 12008725
if you own the server you can make your own certs (don't need to buy them) and distribute them to your clients, thats called a PKI (public key infrastructure)
if you're client you have to use the cert provided by the owner of the server and install it into your browser
0
 

Author Comment

by:mdmarkbowman
ID: 12008858
Yes its a dedicated server that we lease.  So I take it we can generate as many as we want or do we just create one and its for the domain specifically.  So essentially we generate a certificate for each login/user or we generate on cert and everyone uses the same one.  Sorry but I am very naive about this subject/programming at times?

Help is appreciated!
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 1000 total points
ID: 12010256
client certs are unique for each user, each user with its own cert (hence PKI, see above)
while you have one unique cert for your server
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Cloud computing is a model of provisioning IT services. By combining many servers into one large pool and providing virtual machines from that resource pool, it provides IT services that let customers acquire resources at any time and get rid of the…
It has been a full year since one of the worst ransomware attacks we have seen, the Wannacry attack last year. The attacks have changed.  The way we are addressing them has also changed, but maybe not enough.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…

606 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question