certificate based authentication?
Is there any plans to implement certificate based authentication?
What’s your exact use case? Do you use it in a corporate environment where a CA issues user certificates, or do you use just to avoid password authentication?
I’m personal user just looking for options to tighten security a litle bit more.
It would be nice to force Apache https to serve only authenticated calls.
Login/Password of caldav/card in mycase owncloud can still be active.
I am also interested in mutual authentication. I want to get rid of passwords.
I would like the option to generate self-signed certificate on the mobile and register this certificate on the server.
I think this would make a more secure system, free from the issues of classic password authentication.
is there any update in this topic ?
Due to security reasons, my owncloud is only accessable via client certificates . Currently all requests from my smartphone (Android 6) are rejected, even if i am able to access the server with chrome. (Chrome supports client certificates)
If you need a test environment, i can set up a testserver for you.