Apache & Mod_SSL Client Certificate Authentication
Posted on 2005-05-07
I have asked a similar question to this subject before and seemed to get answers that just quite simply contained the question I had asked.
So what I am looking for is a comprehensive answer to this problem because we have tried going over and over this numerous times, using various forums and searches on google. Even the actual mod_ssl seems very basic at explaining the product itself.
What we want to do is for visitors to visit a certain domain on our server i.e portal.domain.com or simply (192.0.0.1) and be asked for 2 main credentials:
Username and Password via .htaccess or php db_sessions
Client Certificate Credentials on their PC's Browser
If they can't provide the right credentials and don't posses the certificate in the browser then no access can be given.
I have access to our server via SSH/Putty, we use WebHostManager (WHM) and I understand Linux commands reasonably well. I just need some guidance of what to do.
I understand that we need to do these steps:
Create a CA
Setup the web server certificate
Install the CA Certificate on the web server
Adjust http.conf to request a certificate on access to that area
Install the certificate on the client browser
I hope this is right.
I can almost do the first 3 alright without problem as this can be done through WHM if needed. Trying to get the apache for that domain to request a certificate of even get the certificate to the users browser is confusing me and I am completely lost.
It would be good to hear from someone who has completed this from end to end. In this situation I would prefer that I get answers from those who are certain of how to do it. I don't mean to be rude in anyway, its just I have had contributions before that have been very little or even no help and this is quite urgent.
Hope to get a solution soon