This section details how to enable client certificate authentication. For more information on the configuration options used here, visit the security section in our Faircom DB configuration options. For other security terminology, see Security terms.
- Create a server certificate signed by a CA certificate named something like
my_combined_cert.pem - Add the following information to
my_combined_cert.pemin this order:- Server certificate
- CA certificate
- The unencrypted server private key is in
server_private_key.pem. - Shut down the FairCom server.
- Edit FairCom's server configuration file,
<faircom>/config/ctsrvr.cfg. - In the SUBSYSTEM COMM_PROTOCOL SSL, uncomment or add the lines:
SERVER_CERTIFICATE_FILE my_combined_cert.pemx509_AUTHENTICATION YESx509_PATH CNDEBUG_LOG ssl.log - Start the FairCom server.