Hi all,<br> I was wondering if anyone here can point me to a good reference on how to configure Apache, OpenSSL, and client certificates at MIT. <br><br>I've been to <a href="http://web.mit.edu/apache-ssl/www/README.certificate">
http://web.mit.edu/apache-ssl/www/README.certificate</a> and to<br><a href="http://nazzim.mit.edu/developers/article.php?story=20051221094844208">http://nazzim.mit.edu/developers/article.php?story=20051221094844208</a><br>
<br>and while I have been able to get mod_ssl up and running using the OS X server certificates interface, phpinfo() still does not show the SSL_DN_Client_Email or other SSL variables I would expect to see. I don't completely understand how certificates work, and I prefer to use the OS X server interfaces for Apache because OS X server has a quirky way of choosing how to organize sites (and that makes me nervous to move things around too much).
<br><br>The section of the apache configuration that seems to be concerned with this says:<br><br> <IfModule mod_ssl.c><br> SSLEngine On<br> SSLLog "/var/log/httpd/ssl_engine_log"
<br> SSLCertificateFile "/System/Library/OpenSSL/certs/dev-llarc.pem"<br> SSLCertificateKeyFile "/System/Library/OpenSSL/private/server_key.pem"<br> SSLCipherSuite "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:!SSLv2:+EXP:+eNULL"
<br> SSLCACertificateFile "/System/Library/OpenSSL/certs/mitca.crt"<br> SSLCertificateChainFile "/System/Library/OpenSSL/certs/mitca.crt"<br> </IfModule><br><br>
Can anyone offer me insight? The dev-llarc file is the file I received after generating the request, and the server_key is the other file that was generated before (and I did not send it to <a href="mailto:mitcert@mit.edu">
mitcert@mit.edu</a>). mitca.crt is from the MIT certificates page.<br><br>I would also appreciate chatting on the phone, or in person if you have the time. Thanks.<br><br>Best,<br>~Joshua Aresty<br>MIT LLARC Programmer/Analyst
<br>3-4598<br><br>