I am trying to get user certificate by $_SERVER[’SSL_CLIENT_CERT’] and send it to another web server for authentication.
So far I changed httpd-ssl.conf to accept any user certificate
<VirtualHost _default_:443>
SSLEngine on
ServerSignature On
SSLCipherSuite ALL:!ADH:!EXPORT56:!EXPORT40:RC4+RSA:!SSLv2:+HIGH:+MEDIUM:+LOW:+EXP:+eNULL
SSLOptions +StdEnvVars +ExportCertData
SSLVerifyClient optional_no_ca
SSLCertificateFile conf/ssl.crt/server.crt
SSLCertificateKeyFile conf/ssl.key/server.key
SSLCACertificatePath conf/
</VirtualHost>
My clients internet explore shows all the availbale certificates when they access my https://localhost/ server. They choose one and submit it to https://localhost/testldap.php.
Where scripts are
<?php
$ssl=openssl_x509_parse($_SERVER[’SSL_CLIENT_CERT’]);
print_r($ssl);
?>
But here $_SERVER[’SSL_CLIENT_CERT’] and other $_SERVER[’SSL_SERVER_CERT’] parameters are empty. I don;t know why. Please help me to solve it!!!
How to configure apache to accept any user certificates?
Moderator: General Moderators
Re: How to configure apache to accept any user certificates?
I am trying to get user certificate by $_SERVER[’SSL_CLIENT_CERT’] and send it to another web server for authentication.
So far I changed httpd-ssl.conf to accept any user certificate
<VirtualHost _default_:443>
SSLEngine on
ServerSignature On
SSLCipherSuite ALL:!ADH:!EXPORT56:!EXPORT40:RC4+RSA:!SSLv2:+HIGH:+MEDIUM:+LOW:+EXP:+eNULL
SSLOptions +StdEnvVars +ExportCertData
SSLVerifyClient optional_no_ca
SSLCertificateFile conf/ssl.crt/server.crt
SSLCertificateKeyFile conf/ssl.key/server.key
SSLCACertificatePath conf/
</VirtualHost>
My clients internet explore shows all the availbale certificates when they access my https://localhost/ server. They choose one and submit it to https://localhost/testldap.php.
Where scripts are
<?php
$ssl=openssl_x509_parse($_SERVER[’SSL_CLIENT_CERT’]);
print_r($ssl);
?>
But here $_SERVER[’SSL_CLIENT_CERT’] and other $_SERVER[’SSL_SERVER_CERT’] parameters are empty. I don;t know why. Please help me to solve it!!!
So far I changed httpd-ssl.conf to accept any user certificate
<VirtualHost _default_:443>
SSLEngine on
ServerSignature On
SSLCipherSuite ALL:!ADH:!EXPORT56:!EXPORT40:RC4+RSA:!SSLv2:+HIGH:+MEDIUM:+LOW:+EXP:+eNULL
SSLOptions +StdEnvVars +ExportCertData
SSLVerifyClient optional_no_ca
SSLCertificateFile conf/ssl.crt/server.crt
SSLCertificateKeyFile conf/ssl.key/server.key
SSLCACertificatePath conf/
</VirtualHost>
My clients internet explore shows all the availbale certificates when they access my https://localhost/ server. They choose one and submit it to https://localhost/testldap.php.
Where scripts are
<?php
$ssl=openssl_x509_parse($_SERVER[’SSL_CLIENT_CERT’]);
print_r($ssl);
?>
But here $_SERVER[’SSL_CLIENT_CERT’] and other $_SERVER[’SSL_SERVER_CERT’] parameters are empty. I don;t know why. Please help me to solve it!!!
Re: How to configure apache to accept any user certificates?
I am trying to get user certificate by $_SERVER[’SSL_CLIENT_CERT’] and send it to another web server for authentication.
So far I changed httpd-ssl.conf to accept any user certificate
<VirtualHost _default_:443>
SSLEngine on
ServerSignature On
SSLCipherSuite ALL:!ADH:!EXPORT56:!EXPORT40:RC4+RSA:!SSLv2:+HIGH:+MEDIUM:+LOW:+EXP:+eNULL
SSLOptions +StdEnvVars +ExportCertData
SSLVerifyClient optional_no_ca
SSLCertificateFile conf/ssl.crt/server.crt
SSLCertificateKeyFile conf/ssl.key/server.key
SSLCACertificatePath conf/
</VirtualHost>
My clients internet explore shows all the availbale certificates when they access my https://localhost/ server. They choose one and submit it to https://localhost/testldap.php.
Where scripts are
<?php
$ssl=openssl_x509_parse($_SERVER[’SSL_CLIENT_CERT’]);
print_r($ssl);
?>
But here $_SERVER[’SSL_CLIENT_CERT’] and other $_SERVER[’SSL_SERVER_CERT’] parameters are empty. I don;t know why. Please help me to solve it!!!
My original task is to develop login page by using public key infrastructure. But the server which issues the client's private key is not my organization.
And I am only allowed to connect their web server by sending the user's client certificate (who logged in my web site) and getting the information about my user's certificate
So far I changed httpd-ssl.conf to accept any user certificate
<VirtualHost _default_:443>
SSLEngine on
ServerSignature On
SSLCipherSuite ALL:!ADH:!EXPORT56:!EXPORT40:RC4+RSA:!SSLv2:+HIGH:+MEDIUM:+LOW:+EXP:+eNULL
SSLOptions +StdEnvVars +ExportCertData
SSLVerifyClient optional_no_ca
SSLCertificateFile conf/ssl.crt/server.crt
SSLCertificateKeyFile conf/ssl.key/server.key
SSLCACertificatePath conf/
</VirtualHost>
My clients internet explore shows all the availbale certificates when they access my https://localhost/ server. They choose one and submit it to https://localhost/testldap.php.
Where scripts are
<?php
$ssl=openssl_x509_parse($_SERVER[’SSL_CLIENT_CERT’]);
print_r($ssl);
?>
But here $_SERVER[’SSL_CLIENT_CERT’] and other $_SERVER[’SSL_SERVER_CERT’] parameters are empty. I don;t know why. Please help me to solve it!!!
My original task is to develop login page by using public key infrastructure. But the server which issues the client's private key is not my organization.
And I am only allowed to connect their web server by sending the user's client certificate (who logged in my web site) and getting the information about my user's certificate