- From: Vic Bancroft <bancroft@america.net>
- Date: Sun, 27 Feb 2005 21:50:04 -0500
- To: Andrew Steets <steets@gmail.com>
- CC: www-lib@w3.org
Andrew Steets wrote: >here is a preliminary patch against TOT which includes the patch >I sent out earlier this evening and now has basic support for client >side certs. > For convenience, I went ahead and checked them in as, Checking in configure.ac; /sources/public/libwww/configure.ac,v <-- configure.ac new revision: 1.3; previous revision: 1.2 done Checking in Library/src/SSL/HTSSL.c; /sources/public/libwww/Library/src/SSL/HTSSL.c,v <-- HTSSL.c new revision: 1.8; previous revision: 1.7 done Checking in Library/src/SSL/windows/wwwssl.def; /sources/public/libwww/Library/src/SSL/windows/wwwssl.def,v <-- wwwssl.def new revision: 1.4; previous revision: 1.3 done Checking in Robot/src/HTRobMan.html; /sources/public/libwww/Robot/src/HTRobMan.html,v <-- HTRobMan.html new revision: 1.10; previous revision: 1.9 done Checking in Robot/src/Makefile.am; /sources/public/libwww/Robot/src/Makefile.am,v <-- Makefile.am new revision: 1.33; previous revision: 1.32 done Checking in Robot/src/RobotMain.c; /sources/public/libwww/Robot/src/RobotMain.c,v <-- RobotMain.c new revision: 1.14; previous revision: 1.13 done >The webbot now has options > > Hurrms, I wonder how many options webbot is missing compared to wget . . . >-verifydepth <n> >-sslprot <v1 | v2 | v23> >-keyfile <private key filename> >-certfile <public cert filename> > > Looking at the options available from the openssl tools, for example http://www.openssl.org/docs/apps/s_time.html We add some aliases to match option syntax, we might also want to consider an appropriate set of defaults, given the way popular distributions organize the certs. >you can robot all over a server that requires client side certs provided you have the right key/cert files and some knowledge of openssl (to convert your stuff to PEM format if needed). > > Even though some howto action would turn into an openssl + apache + libwww, it might be nice to construct something like the stunnel example, http://www.stunnel.org/examples/client_cert.html Perhaps we can dig some session scrapings from our shell history. >Let me know what you think. > > Great work, look forward to the refinements ! more, l8r, v -- america sig
Received on Monday, 28 February 2005 03:10:55 UTC