|
Posted by Edward A. Feustel on November 25, 2004, 7:01 am
If you were Registered and logged in, you could reply and use other advanced thread options
>I setup a http/https server on my router.
> I also upload certification file and private key file to the router.
> Does it need public key and IE has public/private
> keys by default talk to my router?
> Does the certification only make sure the server
> he/she connect to is correct? (from secrity alert-->
> view certificate. right?)
>
> Thanks in advance!
>
> LL
>
The exact details are pretty complicated.
If you were using apache with mod_ssl, and if you had set apache to request
mutual authentication, the server and client would perform an interchange
that would permit both to know with some certainty the identity of the
"party"
on the other end.
The information in the X.509 certificate of that the client presented would
be
made available in the environment variables of the Apache process. The
process
could then decide what operations are authorized for that client.
To learn more about the detail, see the book titled "Apache Professional"
and the book "SSL and TLS" by Rescorla.
Ed
| 
XML site map