Bài đăng

Đang hiển thị bài đăng từ Tháng 8, 2016

Configuring two-way authentication SSL with Apache

A common way to protect a server from the access of malicious is to identify the client; in my opinion, the best way to do that is the mutual SSL authentication. To understand what is the mutual SSL Authentication and other good practices for the protection of an endpoint you can  read this article . You can implement two-way authentication SSL using a WEB Server, for this example I used apache web server. In the web there are more abstract examples of configuring two-way authentication SSL with Apache for development environment, but no one has a complete example. I hope this is quite complete! Yes, I’m talking about development environment, because usually in this step certificates are self signed and there is much more work to do (you have to simulate a CA and create certificates). Here there are the three marco steps: Create the server certificate Create the client certificate and the PKCS12 container Configure the apache web server 1. Create the server certificate