Re: {bb} bbgen & https test

To: bb@bb4.com
Subject: Re: {bb} bbgen & https test
From: Henrik Storner <henrik-bb@hswn.dk>
Date: Tue, 31 Aug 2004 13:59:54 +0000 (UTC)
Newsgroups: lists.bb
Organization: Linux Users Inc.
References: <cgk109$m7$1@voodoo.hswn.dk> <200408262236.i7QMaJi04388@corp.caslab.com> <cgmlrc$99o$1@voodoo.hswn.dk> <005c01c48ce2$b4ccba70$2b01d59f@pcma13319new> <002901c48e7e$e63edf00$2b01d59f@pcma13319new> <7eeb9e7f040830044147bda672@mail.gmail.com> <007601c48e8d$d9c92eb0$2b01d59f@pcma13319new> <7eeb9e7f040830061415c24cdc@mail.gmail.com> <002101c48f29$a5c24560$2b01d59f@pcma13319new> <ch1fea$uu9$1@voodoo.hswn.dk>
Reply-to: bb@bb4.com
Sender: owner-bb@bb4.com
User-agent: nn/6.6.4

Ciao Marco,

In <ch1fea$uu9$1@voodoo.hswn.dk> Henrik Storner <henrik-bb@hswn.dk> writes:

>In <002101c48f29$a5c24560$2b01d59f@pcma13319new> "Marco Avvisano" <m.avvisano@mail.regione.toscana.it> writes:

>>So, i think that the problem is that the page is not accessible without the
>>certificate.

>Do I understand correct - this server requires a *client* certificate
>for authorization ?

>The curl library which bbgen 2.x uses does support client certificates
>with the "-E / --cert" option. But this is not used by bbgen.

>Looking at the OpenSSL docs it should not be too hard to implement.
>Would you be willing to test it for me ?

I have implemented this for the new bbgen 3.0 release, which I expect
to have ready in a few days.

If you could test it for me, I would much appreciate it. The current
snapshot of the bbgen 3.0 release is available on
http://www.hswn.dk/bbgen/alpha/bbgen-2.99-20040831.tar.gz

To use a client certificate for authorization, you need to store the
certificate in PEM format in $BBHOME/certs/filename.pem . Then in the
bb-hosts file you link to the certificate with a URL like this:

  10.1.2.3  www.web.com  # https://CERT:filename.pem@www.web.com/

i.e. you have word "CERT:" and then the PEM filename where you would
otherwise have a username/password for the website.

If the PEM certificate uses a private key with a password, you must
put the password (in clear text!) in $BBHOME/certs/filename.pass,
i.e. same filename as the certificate except it has extension ".pass".

The bb-hosts(5) man-page documents this, and also has instructions on
how to generate a PEM-formatted certificate file from a certificate
stored in your MS Internet Explorer certificate database.

And I found out that I do have a site using client certificates, 
and it actually worked when I tried it ....

Henrik
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-=-=
To unsubscribe from this list, or to subscribe to the bb-digest list
send e-mail to mailto:majordomo@bb4.com with unsubscribe bb -and/or-
subscribe bb-digest in the BODY of the message.

References:
- Re: {bb} Odd Text in BBGen Tests
  - From: Henrik Storner <henrik-bb@hswn.dk>
- RE: {bb} Odd Text in BBGen Tests
  - From: "Mike Sullivan" <msullivan@corp.caslab.com>
- Re: {bb} Odd Text in BBGen Tests
  - From: Henrik Storner <henrik-bb@hswn.dk>
- {bb} problems using Net SNMP
  - From: "Marco Avvisano" <m.avvisano@mail.regione.toscana.it>
- {bb} bbgen & https test
  - From: "Marco Avvisano" <m.avvisano@mail.regione.toscana.it>
- Re: {bb} bbgen & https test
  - From: Ben Pitzer <bpitzer@gmail.com>
- Re: {bb} bbgen & https test
  - From: "Marco Avvisano" <m.avvisano@mail.regione.toscana.it>
- Re: {bb} bbgen & https test
  - From: Ben Pitzer <bpitzer@gmail.com>
- Re: {bb} bbgen & https test
  - From: "Marco Avvisano" <m.avvisano@mail.regione.toscana.it>
- Re: {bb} bbgen & https test
  - From: Henrik Storner <henrik-bb@hswn.dk>

Prev by Date: RE: {bb} bbgen and conn
Next by Date: Re: {bb} strange history
Previous by thread: Re: {bb} bbgen & https test
Next by thread: Re: {bb} bbgen & https test
Index(es):
- Date
- Thread

Home | Main Index | Thread Index