Ben,
I'm hoping to get very basic instructions on how to create a client side certificate.
What kind of certificates are you planing to hand out to your users? Do you want to trust an official certificate authority, or do you want to issue the certificates yourself?
Desirably, I want to be able to hand clients a USB stick with a security key on it. And then only those clients who physically have the key can access a directory of a website.
Depending on how much money you are planing to invest, I recommend using an established smartcard product, maybe in the form of USB tokens. You can contact me by personal mail for further suggestions.
I am using a basic Debain server with Apache/2.0.54 PHP/5.0.5 mod_ssl/2.0.54 OpenSSL/0.9.7g
Actually, the more interesting question is what client operating systems you are going to use. Some products have linux drivers, other don't. Some products access the smartcard in a standardized way, allowing you to use free drivers (such as OpenCT / OpenSC).
It really depends on what problems you are planing to solve. Regards, Remo ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
