SSL certificate based login with myopenid.com and safari
I delegate my domains OpenID logins to myopenid.com - but I was having issues getting SSL certificate based login to work in safari.
Here's what I needed to do (mostly as a reminder to myself).
- Generate a new SSL certificate on the myopenid.com site
- Click the link to download the certificate. It downloads and installs via keychain access (I get a private key, a public key and a certificate).
- Set the certificate to be trusted (since Jan Rain/MyOpenID isn't a recognised issuer)
- Right click the certificate and add an Identity Preference. Add the URL https://www.myopenid.com/signin_certificate
This last step seems to be what was needed for me to get it to work properly.
Now - as long as I am on one of my own machines with an unlocked keychain then I can login with OpenID without sending passwords over the wire.