[Mailman-Users] x.509 cert authentication for web interface?

Jon Carnes jonc at nc.rr.com
Sat Jan 31 00:02:25 CET 2004

You'll need to dive into the code for that. Mailman is totally and
blissfully unaware of such authentications.

Good Luck - Jon Carnes

On Fri, 2004-01-30 at 16:11, Noah Meyerhans wrote:
> On Fri, Jan 30, 2004 at 03:25:24PM -0500, Jon Carnes wrote:
> > 
> > Just move the script alias inside the ssl part of your httpd.conf.
> > 
> I've already got the script alias in the SSL section of Apache's config.
> That works fine, but it's most definitely not authenticating based on
> the x509 certificate presented by the browser.  It it supposed to?  I
> haven't seen any indication in the documentation that leads me to
> believe it is.  Please point me to whatever docs I'm missing if I am
> missing something.  Or tell me where in mailman's source code I can find
> that functionality.
> In case I was not clear in my intentions: If the browser presents an
> x509 certificate that is properly signed by my Certificate Authority,
> and the email address associated with the certificate is listed in the
> admin or moderator fields in Mailman, then the user should be considered
> authenticated.  At no point should they be prompted for a password.
> noah

More information about the Mailman-Users mailing list