Apache+LDAP Auth and OpenCA Self-signed Cert Tutorial

groundhog00 writes "Posted recently from was an Apache + Basic authentication and self-signed digital certificates article. I thought people might find interest in doing a more scalable solution using parts of the PKI structure with mod_auth_ldap and Apache to communicate with an OpenLDAP server to get basic scalable authentication AND digital certificates using OpenCA as the your homegrown certificate authority. Here are some documents for setting up the certificate authority and getting certificates installed using Internet Explorer 5.x and Netscape 4.x browsers. There will be LDAP configurations for Apache soon, but this is a pretty decent set of documents to start with."

jargon abounds

[tps12]

authentication...self-signed digital certificates...scalable...PKI...mod_auth_ldap... Apache....OpenLDAP...OpenCA...certificate authority... Netscape

Wow, what a stream of buzzwords and cryptic jargon.

WAIT! That was just a joke.

Seriously, I found the tutorial very informative. I actually have been using basic authentication for my old site, and was noticing that (although my ACLs are short and my pages few) it required a lot of work every time an update or change was made, which was interesting. Often times I would forget certain parts of the procedure and end up with long debugging sessions with my users...not funny. I'd read about LDAP, and it had always seemed very cool, and really underrated. I went through the tutorial and it made everything clear: I will probably convert the old site this weekend; targetting the administrator (who really should be concerned about this stuff) was especially insightful.