Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Cherokee: users

how do i do client based ssl/tls with cherokee?

  

 
Cherokee users RSS feed   Index | Next | Previous | View Threaded


wonslung at gmail

Oct 9, 2009, 10:50 PM

Post #1 of 6 (506 views)
Permalink
how do i do client based ssl/tls with cherokee?
I've got a site i want to keep private between just a few people. I've been
reading how to's on google, but all of them seem to be for apache....I know
i need to use openssl but i don't know the commands well enough.

Basically, what i want to do is use ssl to authenticate a handfull of
clients instead of using basic or digest authentication. I can't find a
good guide for this. If soemone could point me to the information or help
me out i'd really appreciate it.


info at ppvg

Oct 10, 2009, 2:10 AM

Post #2 of 6 (487 views)
Permalink
Re: how do i do client based ssl/tls with cherokee? [In reply to]
Hi,

> I've got a site i want to keep private between just a few people.  I've been reading how to's on google, but all of them seem to be for apache....I know i need to use openssl but i don't know the commands well enough.
>
> Basically, what i want to do is use ssl to authenticate a handfull of clients instead of using basic or digest authentication.  I can't find a good guide for this.  If soemone could point me to the information or help me out i'd really appreciate it.

Unless I'm mistaken, SSL is not for authentication - just for securing
the connection. Over a secure connection you could use plain-text
passwords for authentication, as a man-in-the-middle attack is
unlikely (as long as your client knows a bogey certificate and knows
not to trust it). You should read the documentation about SSL[1] and
about authentication[2].

Peter-Paul

[1] http://www.cherokee-project.com/doc/cookbook_ssl.html
[2] http://www.cherokee-project.com/doc/cookbook_authentication.html
_______________________________________________
Cherokee mailing list
Cherokee [at] lists
http://lists.octality.com/listinfo/cherokee


aperez at skarcha

Oct 10, 2009, 2:10 AM

Post #3 of 6 (484 views)
Permalink
Re: how do i do client based ssl/tls with cherokee? [In reply to]
Hello Thomas,

On Sat, Oct 10, 2009 at 7:50 AM, Thomas Burgess <wonslung [at] gmail> wrote:

> I've got a site i want to keep private between just a few people.  I've been
> reading how to's on google, but all of them seem to be for apache....I know
> i need to use openssl but i don't know the commands well enough.
>
> Basically, what i want to do is use ssl to authenticate a handfull of
> clients instead of using basic or digest authentication.  I can't find a
> good guide for this.  If soemone could point me to the information or help
> me out i'd really appreciate it.

First of all, start reading the SSL Cookbook. [1]

Once you have SSL up and running, the next part will be create client
certificates for authentification. Search on Google for it.


[1] http://www.cherokee-project.com/doc/cookbook_ssl.html


--
Saludos:
Antonio Pérez
_______________________________________________
Cherokee mailing list
Cherokee [at] lists
http://lists.octality.com/listinfo/cherokee


wonslung at gmail

Oct 10, 2009, 1:24 PM

Post #4 of 6 (471 views)
Permalink
Re: how do i do client based ssl/tls with cherokee? [In reply to]
Thanks, i finally got it working. I used the CA.pl script and information
from about 25 google pages...i finally pieced it all together. =) Thanks so
much. Wish i had seen this sooner =)


2009/10/10 Antonio Pérez <aperez [at] skarcha>

> Hello Thomas,
>
> On Sat, Oct 10, 2009 at 7:50 AM, Thomas Burgess <wonslung [at] gmail>
> wrote:
>
> > I've got a site i want to keep private between just a few people. I've
> been
> > reading how to's on google, but all of them seem to be for apache....I
> know
> > i need to use openssl but i don't know the commands well enough.
> >
> > Basically, what i want to do is use ssl to authenticate a handfull of
> > clients instead of using basic or digest authentication. I can't find a
> > good guide for this. If soemone could point me to the information or
> help
> > me out i'd really appreciate it.
>
> First of all, start reading the SSL Cookbook. [1]
>
> Once you have SSL up and running, the next part will be create client
> certificates for authentification. Search on Google for it.
>
>
> [1] http://www.cherokee-project.com/doc/cookbook_ssl.html
>
>
> --
> Saludos:
> Antonio Pérez
>


shailesh.zenwalk at gmail

Oct 10, 2009, 8:01 PM

Post #5 of 6 (466 views)
Permalink
Re: how do i do client based ssl/tls with cherokee? [In reply to]
Hey, it would be good if u cud share that script and detail HOW TO u solved,
may be some 1 else will get solved or looking for same solution as u.

2009/10/11 Thomas Burgess <wonslung [at] gmail>

> Thanks, i finally got it working. I used the CA.pl script and information
> from about 25 google pages...i finally pieced it all together. =) Thanks so
> much. Wish i had seen this sooner =)
>
>
> 2009/10/10 Antonio PĂ©rez <aperez [at] skarcha>
>
>> Hello Thomas,
>>
>> On Sat, Oct 10, 2009 at 7:50 AM, Thomas Burgess <wonslung [at] gmail>
>> wrote:
>>
>> > I've got a site i want to keep private between just a few people. I've
>> been
>> > reading how to's on google, but all of them seem to be for apache....I
>> know
>> > i need to use openssl but i don't know the commands well enough.
>> >
>> > Basically, what i want to do is use ssl to authenticate a handfull of
>> > clients instead of using basic or digest authentication. I can't find a
>> > good guide for this. If soemone could point me to the information or
>> help
>> > me out i'd really appreciate it.
>>
>> First of all, start reading the SSL Cookbook. [1]
>>
>> Once you have SSL up and running, the next part will be create client
>> certificates for authentification. Search on Google for it.
>>
>>
>> [1] http://www.cherokee-project.com/doc/cookbook_ssl.html
>>
>>
>> --
>> Saludos:
>> Antonio PĂ©rez
>>
>
>
> _______________________________________________
> Cherokee mailing list
> Cherokee [at] lists
> http://lists.octality.com/listinfo/cherokee
>
>


--
----------------------
“Live your life honestly—if you don’t, you always have
to remember to not be yourself”

"Ever tried Zen Computing?"
visit: www.zenwalk.org


wonslung at gmail

Oct 11, 2009, 7:15 PM

Post #6 of 6 (465 views)
Permalink
Re: how do i do client based ssl/tls with cherokee? [In reply to]
well the script apparently comes with openssl and i ended up using
information from a bunch of sites....but the one that helped me the most was
this:
http://blog.scatmania.org/ssl-client-certificate-authentication-in-ruby-on-rails/

On Sat, Oct 10, 2009 at 11:01 PM, Zenwalker <shailesh.zenwalk [at] gmail>wrote:

> Hey, it would be good if u cud share that script and detail HOW TO u
> solved, may be some 1 else will get solved or looking for same solution as
> u.
>
> 2009/10/11 Thomas Burgess <wonslung [at] gmail>
>
>> Thanks, i finally got it working. I used the CA.pl script and information
>> from about 25 google pages...i finally pieced it all together. =) Thanks so
>> much. Wish i had seen this sooner =)
>>
>>
>> 2009/10/10 Antonio Pérez <aperez [at] skarcha>
>>
>>> Hello Thomas,
>>>
>>> On Sat, Oct 10, 2009 at 7:50 AM, Thomas Burgess <wonslung [at] gmail>
>>> wrote:
>>>
>>> > I've got a site i want to keep private between just a few people. I've
>>> been
>>> > reading how to's on google, but all of them seem to be for apache....I
>>> know
>>> > i need to use openssl but i don't know the commands well enough.
>>> >
>>> > Basically, what i want to do is use ssl to authenticate a handfull of
>>> > clients instead of using basic or digest authentication. I can't find
>>> a
>>> > good guide for this. If soemone could point me to the information or
>>> help
>>> > me out i'd really appreciate it.
>>>
>>> First of all, start reading the SSL Cookbook. [1]
>>>
>>> Once you have SSL up and running, the next part will be create client
>>> certificates for authentification. Search on Google for it.
>>>
>>>
>>> [1] http://www.cherokee-project.com/doc/cookbook_ssl.html
>>>
>>>
>>> --
>>> Saludos:
>>> Antonio Pérez
>>>
>>
>>
>> _______________________________________________
>> Cherokee mailing list
>> Cherokee [at] lists
>> http://lists.octality.com/listinfo/cherokee
>>
>>
>
>
> --
> ----------------------
> “Live your life honestly—if you don’t, you always have
> to remember to not be yourself”
>
> "Ever tried Zen Computing?"
> visit: www.zenwalk.org
>

Cherokee users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.