Tag Archives: X509

OpenVPN: extended verification of X.509 client certificates

X.509 certificates have become a key part for secure authentication in corporate environments and unsurprisingly, OpenVPN[1] allows to use X.509 certificates for identifying authorized clients. Now, the default mode for OpenVPN is to verify the presented client certificates against a certificate authority (CA) and if that test succeeds, the clients are allowed in. That however is more than Continue Reading →

Spread the love

google-chrome or chromium and SSL client certificates

Many of our restricted services rely on client authentication based on X.509 SSL certificates. And some of the better (say user friendly 🙂 ones’ are accessible using a web interface. So, with Firefox certificate based authentication is relatively easy to implement, yet when using google-chrome or chromium I was quite lost on how to manage Continue Reading →

Spread the love

SVN authentication with client SSL X.509 certificates and apache 2.2

We recently moved our subversion repository to a new, now dedicated server. In that course I found it reasonable to streamline our old configuration how authentication and authorization against the repository is done. Previously, our users were primarily authorized to access the repository using their X.509 certificates. After authorization took place, they were authenticated and Continue Reading →

Spread the love

removing a passphrase from a X.509 certificate

If you are running services relying on certificates (mostly encryted onces, like TLS or SSL based ones), you normally don’t want to enter any kind of password each time the service starts (like with an externally reachable HTTPS server that is supposed to come up without any user interaction). Instead what you need after getting Continue Reading →

Spread the love