[foaf-protocols] FOAF+SSL: Simple Recipe to Create X.509 Client Certificates in PHP

Joe Presbrey presbrey at csail.mit.edu
Thu Aug 19 06:25:03 CEST 2010


simpleCreateClientCertificate.php is returning OpenSSL errors today.

--
Joe Presbrey

On Wed, Dec 31, 2008 at 9:31 AM, Melvin Carvalho
<melvincarvalho at gmail.com> wrote:
> Hi All
>
> The following is a simple test page that can be used to create self signed
> X.509 certificates, in order to be used with FOAF+SSL:
>
> http://foaf.me/simpleCreateClientCertificate.php
>
> Steps will be taken to ensure that that copies of keys or passwords are not
> stored on the server, however, it is recommended that certificates are
> created on an own client, and that this page is used for testing purposes
> only.
>
> At the bottom of the page is a link containing a recipe for generating self
> signed certificates, using PHP:
>
> http://foaf.me/Using_PHP_to_create_X.509_Client_Certificates.php
>
> Using the self signed certificate, together with a FOAF file containing a
> public key of the form:
>
> <rdf:type rdf:resource="http://www.w3.org/ns/auth/rsa#RSAPublicKey"/>
> <cert:identity rdf:resource="FOAFURI"/>
> <rsa:modulus
> rdf:parseType="Resource"><cert:hex>KEY0123456789ABCDEF</cert:hex></rsa:modulus>
> <rsa:public_exponent
> rdf:parseType="Resource"><cert:decimal>65537</cert:decimal></rsa:public_exponent>
>
> should grant you access to a FOAF+SSL enabled resrouce:
>
> It would be desirable for user agents to be able to automatically import the
> p12 certificates, though it seems to be browser dependent, and is something
> being looked in to.  If you manage to be able to install a certificate in
> your browser, it can be tested here.
>
> https://foaf.me/simpleLogin.php
>
> Feedback is appreciated,
>
> -Melvin
>
> _______________________________________________
> foaf-protocols mailing list
> foaf-protocols at lists.foaf-project.org
> http://lists.foaf-project.org/mailman/listinfo/foaf-protocols
>


More information about the foaf-protocols mailing list