... may be a dumb question ?
From: Michael Gale (michael_at_bluesuperman.com)
Date: 12/31/03
- Previous message: Paul Kurczaba: "Re: home wireless router good practices for security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 30 Dec 2003 22:35:17 -0700 To: security-basics@securityfocus.com
Hello,
I have a question, I want to make a secure web site for me and a few
people. So this is my crazy design.
I setup Apache with PHP and am using mod_ssl. I created my own CA on a
linux box. I then created a CSR for the web server and
signed it with my CA.
Now I give all the people I want to have access to the site my ca.crt
and they import it into their browser. So now there browser will accept
my site's cert :) with out the warning.
Now if they are running a linux / unix box I can have them create a CSR
and have my CA sign it. Then they can import that cert into their
browser.
Now if I understand it correctly when the client accesses my site the
server and client will exchange certs and trust each other :) unless I
add the user to the CRL.
The rest of the traffic will be over SSL ... so is this a secure way of
allows access to a directory ?
Do you see any problems ?
-- Hand over the Slackware CD's and back AWAY from the computer, your geek rights have been revoked !!! Michael Gale Slackware user :) Bluesuperman.com --------------------------------------------------------------------------- ----------------------------------------------------------------------------
- Previous message: Paul Kurczaba: "Re: home wireless router good practices for security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
