Client Side Certificates in WebDAV Nav+

How to configure WebDAV Nav+ to use a client side certificate to connect to your server

WebDAV Nav+ includes some basic support for using client certificates when establishing an SSL connection to a server.

###Generating self-signed certificates for testing

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
# Create the CA Key and Certificate 
openssl genrsa -des3 -out ca.key 4096
openssl req -new -x509 -days 365 -key ca.key -out ca.crt

# Create the Server Key and CSR
openssl genrsa -des3 -out server.key 1024
openssl req -new -key server.key -out server.csr

# Sign server certificate
openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt

# Create the Client Key and CSR
openssl genrsa -des3 -out mycert.key 1024
openssl req -new -key mycert.key -out mycert.csr

# Sign the client certificate with our CA cert. 
openssl x509 -req -days 365 -in mycert.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out mycert.crt

#Convert to the PKCS12 format required by WebDAV Nav 
openssl pkcs12 -export -in client.crt -inkey client.key -out demo.p12 -name "Demo Certificate"

###Configure Apache to use the server and client certificates SSLEngine on SSLCertificateFile /data/certs/server.crt SSLCertificateKeyFile /data/certs/server.key SSLCACertificateFile /data/certs/ca.crt SSLVerifyClient require SSLVerifyDepth 1