Difference between revisions of "OpenID-eID"
Jump to navigation
Jump to search
m |
m |
||
| Line 1: | Line 1: | ||
Here are my attempts to create an [[OpenID]] provider based on the [[Belgian eID]] |
Here are my attempts to create an [[OpenID]] provider based on the [[Belgian eID]] |
||
| + | |||
| + | Let's get apache2, php5 and openssl stuff: |
||
| + | apt-get install apache2-utils apache2-mpm-prefork libapache2-mod-php5 php5 openssl ssl-cert |
||
| + | |||
| + | Details on apache2 config... |
||
| + | * requires client certificate |
||
| + | * import Belgium Root CA for validation of the client certificates |
||
| + | TODO: cf apache proxy proposed by the government: |
||
| + | * [http://issues.apache.org/bugzilla/show_bug.cgi?id=41123 OCSP support for mod_ssl] |
||
| + | * [http://issues.apache.org/bugzilla/show_bug.cgi?id=35083 Certificate validation problems trapping] |
||
| + | |||
| + | Hacking [http://siege.org/projects/phpMyID/ phpMyID] |
||
| + | |||
| + | Details on the patch |
||
| + | * remove HTTP Digest for the authorization step |
||
| + | * redirect authorization to HTTPS as we'll deal with SSL client certificates |
||
Revision as of 21:58, 19 February 2008
Here are my attempts to create an OpenID provider based on the Belgian eID
Let's get apache2, php5 and openssl stuff:
apt-get install apache2-utils apache2-mpm-prefork libapache2-mod-php5 php5 openssl ssl-cert
Details on apache2 config...
- requires client certificate
- import Belgium Root CA for validation of the client certificates
TODO: cf apache proxy proposed by the government:
Hacking phpMyID
Details on the patch
- remove HTTP Digest for the authorization step
- redirect authorization to HTTPS as we'll deal with SSL client certificates