[Mailman-Users] x.509 cert authentication for web interface?

Noah Meyerhans noahm at csail.mit.edu
Fri Jan 30 22:11:51 CET 2004

On Fri, Jan 30, 2004 at 03:25:24PM -0500, Jon Carnes wrote:
> Just move the script alias inside the ssl part of your httpd.conf.

I've already got the script alias in the SSL section of Apache's config.
That works fine, but it's most definitely not authenticating based on
the x509 certificate presented by the browser.  It it supposed to?  I
haven't seen any indication in the documentation that leads me to
believe it is.  Please point me to whatever docs I'm missing if I am
missing something.  Or tell me where in mailman's source code I can find
that functionality.

In case I was not clear in my intentions: If the browser presents an
x509 certificate that is properly signed by my Certificate Authority,
and the email address associated with the certificate is listed in the
admin or moderator fields in Mailman, then the user should be considered
authenticated.  At no point should they be prompted for a password.


Noah Meyerhans                         System Administrator
MIT Computer Science and Artificial Intelligence Laboratory

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://mail.python.org/pipermail/mailman-users/attachments/20040130/0fbec6a5/attachment.pgp 

More information about the Mailman-Users mailing list