I have set up a webserver with several self-hosted apps for my personal use. In order to make sure that I am the only person who can connect to my server, I have generated client authentication certificates on my server and transferred them to my local computer. There, I installed the .pfx certificate I downloaded into Firefox and Chrome. On the server, side, I configured nginx with ssl_verify_client on;
.
For the purely browser-based webapps, this is working great. However some of my apps have desktop clients, and they do not have a means of adding certificates.
Is there some way to install a client authentication certificate system-wide in Linux?
I was thinking maybe it would be possible to somehow insert the client certificate into https requests outgoing from my PC to my server's IP, might that work, and how would I do that?
SSLSocketFactory
, or middleware likeURLConnection
which does so, you can give thatjavax.net.ssl.keyStore*
sysprops to do client auth per the doc.