This is a little how to authenticate users with X509 certificates and apache 2 webserver

Well, it's very simple. First, take a look in Apache 2.

Here one of possible config. This one use a flat file (a htpasswd one) with Users's DN as username. The password MUST BE password, encoded in des or md5 (depend of your apache config)

        <Location /brack>
                SSLVerifyClient         require
                SSLVerifyDepth          5
                SSLCACertificateFile    /etc/apache2/ssl/cacert.pem
                SSLOptions              +FakeBasicAuth
                SSLRequireSSL
                AuthName                "Rack access"
                AuthType                Basic
                AuthUserFile            /etc/apache2/access/brack.conf
                require                 valid-user
        </Location>

brack.conf

/CN=Bruno Bonfils/O=Fimasys/C=FR:xxj31ZMTZzkVA\

Comments