![]() This is +1000 for SW Proxy website since, otherwise, it could spoof any domain name (including banks, etc.). You'd (probably) want/need separate sub-domains per-user (e.g.) to simplify this association.īecause the exporter doesn't have have access to the CA cert, it can't spoof other domain names. with the added proviso that the website needs to know which user is connecting so it can present the correct SSL cert. Fortunately, this workflow also works for the SW Proxy website. doesn't affect the security model.Įach user would create their own CA and enter their own SSL certificate (for the SW domain) in the SW Exporter. The Exporter would create a private/public key and the CA would sign the public key.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |