I have seen some service providers that use certificates for client authentication, so that any browser without the certificate will be rejected. However, the browsers with trusted certificates could access their portals without login. How exactly can I do similar setup on the server side?
Asked
Active
Viewed 24 times
0
-
I cannot understand the last part. However, this seems to be more a question for [ServerFault](https://serverfault.com/) (setting up TLS client authentication.) – Yuriko Sep 10 '22 at 10:13
-
I'm not sure what the question is here, i.e. how to configure a server (which server) to require client certificate based authentication, how to create client certificates, how to secure server to server communication with client certificates, how to replace existing authentication with client certificates in a specific unknown application ... . I'm pretty sure that there are already plenty of information out there for any of these question, but you need to be more clear in what you are asking to find these. – Steffen Ullrich Sep 10 '22 at 10:15
-
Related: https://security.stackexchange.com/questions/251826/can-mutual-tls-work-with-a-self-signed-client-certificate https://security.stackexchange.com/questions/256969/when-using-certificates-as-authentication-what-identities-the-who-part – mti2935 Sep 10 '22 at 11:19