[Owncloud] oc with ssl client certificate

Dr. Johannes Zellner johannes at zellner.org
Wed Oct 30 21:47:19 UTC 2013 

Hi,

thanks.

*The interesting question from my (the client) perspective is: (how) did
you make it work on the server?*
*
*
It's as simple as having the client certificate to grant (and be required)
to access the web server.
Afterwards I've to log into owncloud as usual.

So this is a two stage login process, which...

1. ...prevents anybody who doesn't have a valid client certificat to even
see the login page
2. ...still allows to log into owncloud under different accounts, e.g. an
admin and a user account (if you have the certificate)

This is perfectly what I like and what works inside a web browser.
In fact I wouldn't like the certificate to be linked to an owncloud account
as it wouldn't allow me to log in under different accounts any more.
I believe that this is a very common scenario that someone wishes to
double-protect a private owncloud server.

so it would be nice to have client authentication working with the owncloud
clients.

regards,

-- 
Johannes


2013/10/30 Daniel Molkentin <danimo at owncloud.com>

> Hi Johannes,
>
> Am 30.10.2013 um 17:03 schrieb Dr. Johannes Zellner:
>
> how do owncloud clients work when apache is configured with ssl client
> certificate authentification?
>
>
> Neither the desktop nor the mobile clients support certificate
> authentication at this point, see below for details.
>
> does the windows client work with a client certificate?
>
>
> The Desktop Client (which has the same codebase for all OSes), has
> https://github.com/owncloud/mirall/issues/69 filed for that. It's not yet
> scheduled for any release, but if you look at the bug report, someone has
> volunteered to look into it, although it's been a few weeks since I last
> heard of him.
>
> The interesting question from my (the client) perspective is: (how) did
> you make it work on the server? IMHO client certificates are only
> interesting if ownCloud automatically maps them to a user (as opposed to
> just being in front of http basic auth as a second layer), and afaik there
> is no user backend for the server that implements such functionality.
>
> does mounting via davfs2 on linux work with a client certificate?
>
>
> Haven't tested that yet myself. The man page indicates that it does.
>
> Cheers,
>   Daniel
>
> --
> www.owncloud.com - Your Data, Your Cloud, Your Way!
>
> ownCloud GmbH, GF: Markus Rex, Holger Dyroff
> Schloßäckerstrasse 26a, 90443 Nürnberg, HRB 28050 (AG Nürnberg)
>
>
> _______________________________________________
> Owncloud mailing list
> Owncloud at kde.org
> https://mail.kde.org/mailman/listinfo/owncloud
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/owncloud/attachments/20131030/5ba3e601/attachment.html>

More information about the Owncloud mailing list