Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
November 30, 2009, 8:41 am
rate this thread
My goal is to get user signed into my site with a client login
certificate. Some sites like OpenID or cacert.org do it, so it must be
First I tried to generate the client certificate at the server side
(generate CSR, sign CSR, export into x509, pack keys and certificate
into PKCS12, send that file to the user) and it works. However I feel
this is not the right way to do it. The sites I've mentioned generate
generateCRMFRequest() then send the CSR to the server and the server
processess it in some way.
I've done a couple of Google searches but all results I get are about
"CRMF output from JS is not compatible with OpenSSL".
Can anyone tell me what is the correct way to generate client
certificate and process it (sign) server-side?
Re: How to sign generateCRMFRequest() with PHP and/or OpenSSL?
This has nothing to do with PHP. Among other things, PHP is server-side
only, and cannot generate client-side certificates.
Remove the "x" from my email address
JDS Computer Training Corp.