Signed Public Key and Challenge Demo/Interop

Interoperate with the Redwax Signed Public Key and Challenge module.

We have implemented a Netscape SPKAC endpoint that allows you to test your client implementation against a Redwax Server.

The code being run is the most up to date build from trunk/main in source control, and is built and deployed automatically. The Redwax Interop server is for testing purposes only.

Signed Public Key and Challenge Demo/Interop Server

When testing your SPKAC client implementation, use the following details.

Summary

Server URL https://interop.redwax.eu/test/spkac
Time Source System Clock
Serial Numbers Random

Redwax Module Configuration

The following configuration is used to implement this SPKAC endpoint. The configuration below is added to a standard secure virtualhost Apache configuration, as described here.

Configuration

Here we set the spkac handler, and set the certificates and keys to be used for signing the certificate.


  LoadModule ca_module /usr/lib64/httpd/modules/mod_ca.so


  LoadModule ca_simple_module /usr/lib64/httpd/modules/mod_ca_simple.so


  LoadModule spkac_module /usr/lib64/httpd/modules/mod_spkac.so



  Require all granted
  SetHandler spkac
  SpkacSubjectRequest CN
  SpkacSubjectRequest O
  SpkacSubjectRequest C
  SpkacSubjectAltNameRequest rfc822Name

]]>
                

SPKAC with MacOS Safari

The following example form shows how to generate a request based on the keygen tag.

Html Form

To request a certificate be generated, submit the form below.