From owner-freebsd-questions Tue Mar 19 6:10:49 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mailserv.xpert.com (node-135.xpert.com [199.203.132.135]) by hub.freebsd.org (Postfix) with ESMTP id 7B42837B400 for ; Tue, 19 Mar 2002 06:10:41 -0800 (PST) Received: by mailserv.xpert.com with Internet Mail Service (5.5.2650.21) id ; Tue, 19 Mar 2002 16:10:35 +0200 Message-ID: From: Yonatan Bokovza To: 'S?ren Neigaard' , questions@FreeBSD.ORG Subject: RE: Offtopic - Apache+mod_ssl Date: Tue, 19 Mar 2002 16:10:32 +0200 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > -----Original Message----- > From: neigaard@e-box.dk [mailto:neigaard@e-box.dk] > Sent: Tuesday, March 19, 2002 13:29 > To: questions@FreeBSD.ORG > Subject: Offtopic - Apache+mod_ssl > > > Hi > > There are some basic concepts about mod_ssl I don't understand. I have > tried the mod_ssl maillist but it seems that they don't like newbie's. > Maybe it's my way of asking they don't like, I'm not sure, but I have > followed the list and seen other newbie's being ignored :) > > So I try my luck here, and hope that one of you will help me out here. > > I have read the documentation (or the documentation I could find), and > I belive that I understand how to configure mod_ssl enough to get > started. But... There is one thing I really don't understand. Users... > Where are the SSL users, where do I manage their usernames/passwords? > > I'm mostly concerned about username/password authentication to start > with, later I will play with certificates. I just cant find any info > on how to manage those user, maybe some of you have a link to this > kind of information. SSL does not handle "users", it handles certificates. The most common case is for a web server to have a certificate, signed either by a trusted party or itself. The user in this case will connect to the server and verify it's identity. The server's certificate will be used to encrypt the traffic. The other option is where both sides have certificates, and then the web server can also verify the user's identity. Both certificates are used to encrypt the traffic. You can read more about SSL and these modes in httpd.apache.org and www.modssl.org . Plus, there's a nice article in here: http://www.freebsddiary.org/openssl-client-authentication.php If you want to use usernames and passwords, you should probably learn about .htaccess (on apache) or different authentication modules (mod_auth_*) Regards, Yonatan. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message