OpenID-eID

From YobiWiki
Jump to navigation Jump to search

Here are my attempts to create an OpenID provider based on the Belgian eID

Let's get apache2, php5 and openssl stuff:

apt-get install apache2-utils apache2-mpm-prefork libapache2-mod-php5 php5 openssl ssl-cert

Details on apache2 config...

  • requires client certificate
  • import Belgium Root CA for validation of the client certificates

TODO: cf apache proxy proposed by the government:

Hacking phpMyID

Details on the patch

  • remove HTTP Digest for the authorization step
  • redirect authorization to HTTPS as we'll deal with SSL client certificates