[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SPAM] How to configure apache-ssl to offer the Cert to install?

On Fri, Sep 11, 2009 at 11:11:57AM +0200, Michelle Konzack wrote:
> Now I like to know, HOW I must configure Apache (or  my  PHP5  scripts),
> that if a user connect over https, that the  server  offer  automaticaly
> the cert to install.

This cannot work.  The client should have the CA certificate before
SSL/TLS handshake.  You'll have to find a way to offer the certificate

This can be done over HTTP by sending your CA certificate with
application/x-x509-ca-cert MIME type (grep x509 /etc/mime.types).
Decent client software should then ask the user if she wants to install
the certificate as trusted.

Reply to: