[ale] Is anyone actually using: Client side certificates for Auth ?

Mike Harrison meuon at geeklabs.com
Tue Mar 3 18:18:31 EST 2009


> Sounds fun. The only time I've had to use client-side certs, I had to
> generate them all on the server, signed by server and distribute them
> to clients. I had some script tools to simplify the process but it's
> still a chore.


That's what I did as well. Takes about 10+ minutes per system. generate 
CSR, Sign, Export, copy to client PC, install in browser. etc..

I like authing the client this way, it's realy slick because the server
just refuses to talk to you at all if the cert in the client
does not match.. It's just an administrative nightmare.

Which is why I was wondering if anyone really uses it.

Good news: The client is liking how much better Firefox is
that MSIE and just decided to say: if you are using X, use Firefox.
Even for the WinXP users. :)








More information about the Ale mailing list