Title: Client Certificate Authentication
Author: MarioLipinski
Published: <strong>Julio 14, 2013</strong>
Last modified: Julio 17, 2013

---

Priserĉi kromprogramojn

Tiu ĉi kromprogramo **ne estis testita en la 3 lastaj gravaj eldonoj de WordPress**.
Eble ĝi ne plu estas prizorgata kaj ĝi eble havus kongruajn problemojn en novaj 
versioj de WordPress.

![](https://s.w.org/plugins/geopattern-icon/client-certificate-authentication.svg)

# Client Certificate Authentication

 De [MarioLipinski](https://profiles.wordpress.org/mariolipinski/)

[Elŝuti](https://downloads.wordpress.org/plugin/client-certificate-authentication.1.0.2.zip)

 * [Detaloj](https://eo.wordpress.org/plugins/client-certificate-authentication/#description)
 * [Pritaksoj](https://eo.wordpress.org/plugins/client-certificate-authentication/#reviews)
 *  [Instalo](https://eo.wordpress.org/plugins/client-certificate-authentication/#installation)
 * [Programado](https://eo.wordpress.org/plugins/client-certificate-authentication/#developers)

 [Helpo](https://wordpress.org/support/plugin/client-certificate-authentication/)

## Priskribo

The Client Certificate Authentication plugin enables WordPress to login a user with
a SSL client certificate. The plugin uses the email address from the subject field
to identify the user by the email address of his wordpress account. Optionally, 
new accounts can be created on the fly by using email address and name from the 
certificate. By limiting login and registration to users providing a client certificate,
bots are locked out and spam is eliminated.

Acknowledgements: This plugin is based on the [HTTP Authentication plugin](https://wordpress.org/plugins/http-authentication/)
by Daniel Westermann-Clark. Ideas taken from Dan B.’s implementation for client 
certificate authentication.

## Instalo

 1. Login as an existing user, such as admin.
 2. Upload the `client-certificate-authentication` folder to your plugins folder, usually`
    wp-content/plugins`. (Or simply via the built-in installer.)
 3. Activate the plugin on the Plugins screen.
 4. Logout.
 5. Require certificate authentication for `wp-login.php` and `wp-admin`.
 6. Try logging in with your client certificate.

## OD

  How should I set up client certificate authentication?

This depends on your hosting environment and your means of authentication.
 The 
plugin uses the $_SERVER environment variables `SSL_CLIENT_S_DN_Email` (beginning
with) for the email address and `SSL_CLIENT_S_DN_CN` for the name. A working example
is given below:

In Apache HTTP (non-HTTPS) config add:

    ```
    RewriteEngine On
    RewriteRule ^/(wp-(admin|login\.php).*) https://%{HTTP_HOST}/$1
    ```

In Apache HTTPS config:

    ```
    <Location /wp-login.php>
        SSLVerifyClient optional
        <IfModule mod_rewrite.c>
            RewriteEngine   on
            RewriteCond  %{HTTP_USER_AGENT}  .*Safari.*
            RewriteCond  %{SSL:SSL_CLIENT_VERIFY} !=SUCCESS
            RewriteRule  .* /wp-admin [redirect,last]
        </IfModule>
    </Location>
    <Location /wp-admin>
        SSLVerifyClient require
    </Location>
    ```

Also make sure to set SSLCACertificatePath and enable CRL checks.

## Pritaksoj

There are no reviews for this plugin.

## Kontribuantoj k. programistoj

“Client Certificate Authentication” estas liberkoda programo. La sekvaj homoj kontribuis
al la kromprogramo.

Kontribuantoj

 *   [ MarioLipinski ](https://profiles.wordpress.org/mariolipinski/)

[Traduki “Client Certificate Authentication” en vian lingvon.](https://translate.wordpress.org/projects/wp-plugins/client-certificate-authentication)

### Ĉu interesita en programado?

[Browse the code](https://plugins.trac.wordpress.org/browser/client-certificate-authentication/),
check out the [SVN repository](https://plugins.svn.wordpress.org/client-certificate-authentication/),
or subscribe to the [development log](https://plugins.trac.wordpress.org/log/client-certificate-authentication/)
by [RSS](https://plugins.trac.wordpress.org/log/client-certificate-authentication/?limit=100&mode=stop_on_copy&format=rss).

## Ŝanĝprotokolo

#### 1.0

Initial release.

#### 1.0.1

Documentation updates.

#### 1.0.2

Fixes to the short description.

## Metadatumoj

 *  Version **1.0.2**
 *  Last updated **antaŭ 13 jaroj**
 *  Active installations **10+**
 *  WordPress version ** 3.1 or higher **
 *  Tested up to **3.5.2**
 *  Language
 * [English (US)](https://wordpress.org/plugins/client-certificate-authentication/)
 * Tags
 * [authentication](https://eo.wordpress.org/plugins/tags/authentication/)[ssl](https://eo.wordpress.org/plugins/tags/ssl/)
 *  [Altnivela rigardo](https://eo.wordpress.org/plugins/client-certificate-authentication/advanced/)

## Pritaksoj

 5 out of 5 stars.

 *  [  2 5-star reviews     ](https://wordpress.org/support/plugin/client-certificate-authentication/reviews/?filter=5)
 *  [  0 4-star reviews     ](https://wordpress.org/support/plugin/client-certificate-authentication/reviews/?filter=4)
 *  [  0 3-star reviews     ](https://wordpress.org/support/plugin/client-certificate-authentication/reviews/?filter=3)
 *  [  0 2-star reviews     ](https://wordpress.org/support/plugin/client-certificate-authentication/reviews/?filter=2)
 *  [  0 1-star reviews     ](https://wordpress.org/support/plugin/client-certificate-authentication/reviews/?filter=1)

[Your review](https://wordpress.org/support/plugin/client-certificate-authentication/reviews/#new-post)

[See all reviews](https://wordpress.org/support/plugin/client-certificate-authentication/reviews/)

## Kontribuantoj

 *   [ MarioLipinski ](https://profiles.wordpress.org/mariolipinski/)

## Helpo

Got something to say? Need help?

 [Vidi helpforumon](https://wordpress.org/support/plugin/client-certificate-authentication/)

## Donaci

Ĉu vi volas subteni la pluevoluigon de tiu ĉi kromprogramo?

 [ Donaci al tiu ĉi kromprogramo ](http://www.cacert.org/index.php?id=13)