I created an extension for yii2 that performs an automatic login if the client provides a HTTPS client certificate that is associated with an identity / user.
I created an extension for yii2 that performs an automatic login if the client provides a HTTPS client certificate that is associated with an identity / user.
Hi @fphammerle I really need this extension. can you elaborate more on how to implement this?
TIA,
Daniel
Hi Daniel,
as a first step you need to configure your webserver to request client certificates.
What webserver do you use?
For apache you can follow the steps here:
Does this guide help you?
ad question 1)
in addition to your server certificate you’ll need to create an additional certificate that you’ll use to sign the cert signing requests of all users.
openssl req -x509 -newkey rsa:4096 -keyout ca-key.pem -out ca-cert.pem -days 3650
) on a secure deviceSSLCACertificateFile
)ad question 2)
each user/client certificate that a browser sends to your webserver needs to have a “distinguished name” field.
the plugin will use the “distinguished name” to map the certificate to a user.
Thank you @fphammerle, I will try and let you know the result
Btw, I have not yet tested this, but is this suitable for this condition?
I have terminal client where 2 users are using. I want to limit them only to be able to login from this terminal and not from mobile phone or other pc.
In the meantime, a supervisor or owner can also login from this terminal client. Owners and supervisors can also login from any computers.
Can I implement this situation with your extension?