annotate mod_auth_ccert.wiki @ 425:39acae387be7

Add page about mod_manifesto
author Kim Alvefur <zash@zash.se>
date Wed, 12 Feb 2014 20:26:00 +0100
parents a21acacc8b22
children 0df264dd44c4
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
369
1861f3e1e9ff mod_auth_ccert: Add page
Kim Alvefur <zash@zash.se>
parents:
diff changeset
1 #summary Client Certificate authentication module
381
a21acacc8b22 mod_auth_ccert and mod_auth_ldap2: Add Type-Auth labels
Kim Alvefur <zash@zash.se>
parents: 369
diff changeset
2 #labels Stage-Alpha,Type-Auth
369
1861f3e1e9ff mod_auth_ccert: Add page
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3
1861f3e1e9ff mod_auth_ccert: Add page
Kim Alvefur <zash@zash.se>
parents:
diff changeset
4 = Introduction =
1861f3e1e9ff mod_auth_ccert: Add page
Kim Alvefur <zash@zash.se>
parents:
diff changeset
5
1861f3e1e9ff mod_auth_ccert: Add page
Kim Alvefur <zash@zash.se>
parents:
diff changeset
6 This module implements PKI-style client certificate authentication.
1861f3e1e9ff mod_auth_ccert: Add page
Kim Alvefur <zash@zash.se>
parents:
diff changeset
7 You will therefore need your own Certificate Authority.
1861f3e1e9ff mod_auth_ccert: Add page
Kim Alvefur <zash@zash.se>
parents:
diff changeset
8 How to set that up is beyond the current scope of this document.
1861f3e1e9ff mod_auth_ccert: Add page
Kim Alvefur <zash@zash.se>
parents:
diff changeset
9
1861f3e1e9ff mod_auth_ccert: Add page
Kim Alvefur <zash@zash.se>
parents:
diff changeset
10 = Configuration =
1861f3e1e9ff mod_auth_ccert: Add page
Kim Alvefur <zash@zash.se>
parents:
diff changeset
11
1861f3e1e9ff mod_auth_ccert: Add page
Kim Alvefur <zash@zash.se>
parents:
diff changeset
12 {{{
1861f3e1e9ff mod_auth_ccert: Add page
Kim Alvefur <zash@zash.se>
parents:
diff changeset
13
1861f3e1e9ff mod_auth_ccert: Add page
Kim Alvefur <zash@zash.se>
parents:
diff changeset
14 authentication = "ccert"
1861f3e1e9ff mod_auth_ccert: Add page
Kim Alvefur <zash@zash.se>
parents:
diff changeset
15 certificate_match = "xmppaddr" -- or "email"
1861f3e1e9ff mod_auth_ccert: Add page
Kim Alvefur <zash@zash.se>
parents:
diff changeset
16
1861f3e1e9ff mod_auth_ccert: Add page
Kim Alvefur <zash@zash.se>
parents:
diff changeset
17 c2s_ssl = {
1861f3e1e9ff mod_auth_ccert: Add page
Kim Alvefur <zash@zash.se>
parents:
diff changeset
18 -- key and certificate
1861f3e1e9ff mod_auth_ccert: Add page
Kim Alvefur <zash@zash.se>
parents:
diff changeset
19 capath = "/path/to/dir/with/your/ca"
1861f3e1e9ff mod_auth_ccert: Add page
Kim Alvefur <zash@zash.se>
parents:
diff changeset
20 }
1861f3e1e9ff mod_auth_ccert: Add page
Kim Alvefur <zash@zash.se>
parents:
diff changeset
21
1861f3e1e9ff mod_auth_ccert: Add page
Kim Alvefur <zash@zash.se>
parents:
diff changeset
22 }}}
1861f3e1e9ff mod_auth_ccert: Add page
Kim Alvefur <zash@zash.se>
parents:
diff changeset
23
1861f3e1e9ff mod_auth_ccert: Add page
Kim Alvefur <zash@zash.se>
parents:
diff changeset
24 = Compatibility =
1861f3e1e9ff mod_auth_ccert: Add page
Kim Alvefur <zash@zash.se>
parents:
diff changeset
25
1861f3e1e9ff mod_auth_ccert: Add page
Kim Alvefur <zash@zash.se>
parents:
diff changeset
26 ||trunk||Works||
1861f3e1e9ff mod_auth_ccert: Add page
Kim Alvefur <zash@zash.se>
parents:
diff changeset
27 ||0.9 and earlier||Doesn't work||