I'm working on a HMI implementation. Now, i need to set up mutual SSL for web interface.
Here is the use case:
- I've a website which is going public users.
- I want to be sure of my user group.
- So, first I'd set up Server Authentication SSL (HAProxy as public facing server) to ensure Client that "I am who I am".
- Now, I want to issue certificate to each of my user a certificate which they can install in their browser.
- I'll Allow requests from browser which includes any one of the authentic certificate. This way i can weed out Random scanners and vulnerabilities.
So, this is what I've already done:
- Set up a dummy server on public network
- Brought a public domain and a SSL Certificate (Signed by Comodo -> Verisign)
- Installed a Tomcat7 behind HAProxy 1.5
- Installed my publicly Signed certificate
- Now, want to issue certificates to customers and they are signed by self signed Certificate Authority
Here is my Server Config: RHEL 6.0 + HAProxy 1.5 + Tomcat 7.
Any help in this regard would be Highly appreciated (I've absolutely no knowledge of SSL earlier. I'm a explorer)
Aucun commentaire:
Enregistrer un commentaire