|
|
|
|
|
|
by xnyhps
4733 days ago
|
|
|
Most places where you can authenticate with SSL client certs allow you to add your own self-signed certificate and authenticate using that. All the validation you need is to check wether the cert is in the user's list. You can only forge that by stealing the private key. There's really no reason to only allow CA signed client certs. |
|
|