Re: [SPAM] How to configure apache-ssl to offer the Cert to install?

To: debian-isp@lists.debian.org
Subject: Re: [SPAM] How to configure apache-ssl to offer the Cert to install?
From: Bertrand Yvain <pnl@ielo.net>
Date: Fri, 11 Sep 2009 13:03:09 +0200
Message-id: <20090911110309.GE7419@nexus6.adm.ielo.net>
In-reply-to: <20090911091157.GD6597@tamay-dogan.net>
References: <20090911091157.GD6597@tamay-dogan.net>

On Fri, Sep 11, 2009 at 11:11:57AM +0200, Michelle Konzack wrote:
> Now I like to know, HOW I must configure Apache (or  my  PHP5  scripts),
> that if a user connect over https, that the  server  offer  automaticaly
> the cert to install.

This cannot work.  The client should have the CA certificate before
SSL/TLS handshake.  You'll have to find a way to offer the certificate
beforehand.

This can be done over HTTP by sending your CA certificate with
application/x-x509-ca-cert MIME type (grep x509 /etc/mime.types).
Decent client software should then ask the user if she wants to install
the certificate as trusted.

Reply to:

Follow-Ups:
- Re: How to configure apache-ssl to offer the Cert to install?
  - From: Michelle Konzack <linux4michelle@tamay-dogan.net>

References:
- How to configure apache-ssl to offer the Cert to install?
  - From: Michelle Konzack <linux4michelle@tamay-dogan.net>

Prev by Date: Re: How to configure apache-ssl to offer the Cert to install?
Next by Date: Re: How to configure apache-ssl to offer the Cert to install?
Previous by thread: Re: How to configure apache-ssl to offer the Cert to install?
Next by thread: Re: How to configure apache-ssl to offer the Cert to install?
Index(es):
- Date
- Thread