Tobias Mattsson wrote: > Hi, > > Is it possible to prevent apache from automatically giving out its server >certificate to everyone that is connecting to the server? > I want apache to only allow access to thoose that already have the certificate >installed in their clients. > It will be a form of access control.
No. And from your question, it's clear that you don't understand the protocol or PKI. If you want to control access with HTTPS, you can require client auth on the server, and only sign certs for those users you wish to grant access to. Clue: whenever you see schemes in which a public key is secret, you know something is amiss. In any case, a connecting client might not automatically trust the server cert, but will prompt the user to continue -- this is precisely how all commercial web browsers work. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
