From: Tomas G. <to...@pr...> - 2016-01-08 07:19:36
Hi,

It's because certificates are by design "public". There is no security information in them by "X.509/PKI" design, as the security lies with the private key. It's common to publish all issued user certificates in a directory, for example.

You can of course easily restrict access to public web by removing access to publicly accessible ports.

Cheers,
Tomas

**********
PrimeKey Solutions AB
Lundagatan 16, 171 63 Solna, Sweden
Mob: +46 (0)707421096
Internet: www.primekey.se
Twitter: twitter.com/primekeyPKI
**********

On 2016-01-08 08:04, Benedikt Weyer wrote:
> good morning,
>
> why can i retrieve any certificate (even the superadmin) in ejbca's public web interface without authentication?
>
> am using ejbca_ce_6_3_1_1, jboss-as-7.1.1.Final, H2, openjdk-7 on debian 8.
>
> thanx a lot in advance.