ios-legacy icon indicating copy to clipboard operation
ios-legacy copied to clipboard

Published 20 hours ago verified publisher icon owncloud

feature: client side certificate

Open tortellini28 opened this issue 10 years ago • 4 comments

Hi, can a request to have the mobile & desktop apps to authenticate with the server also have client side certificate?

Thanks.

tortellini28 avatar Aug 30 '14 21:08 tortellini28

Hi @tortellini28 What do you mean?

javiergonzper avatar Oct 07 '14 11:10 javiergonzper

For SSL/HTTPS, we use certificates. 99% of the time, we only use server-based certs (along with the CA). However, to add extra protection, we can also use client certs. iOS/Android supports this with their native apps. Thus, in addition to using user/password, by having client-side certs, only that device/user can be able to access the server. Since owncloud uses HTTPS, this can be configured via apache to require client-side certs.

Thus to get this to work:

  1. Configure web server (e.g., Apache) to require client-side cert
  2. Create a new certificate and install on the device
  3. Have owncloud app to "import" this client cert into the app

tortellini28 avatar Oct 11 '14 21:10 tortellini28

Would be nice to allow a fully automated setup on the client, e.g. via QR codes on the web-interface: https://github.com/owncloud/core/issues/12071

tflidd avatar Sep 01 '15 16:09 tflidd

Related Android issue: https://github.com/owncloud/android/issues/163

michaelstingl avatar Aug 01 '17 16:08 michaelstingl