werner fraga wrote:
>
> we are using openssl to issue personal certificates to
> our employees so that we can restrict access to our
> website.
>
> we would like to prevent users from moving these certs
> from their PC to another PC.
>
> is there any way to tag these certificates so that a
> browser will refuse to export them?
>
Do you mean 'private keys'? Certificates are public knowledge and can't
be restricted in that way. What OS is this for, if windows then you can
for MSIE but it depends on how you import the certificates in the first
place.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
