preventing client certs to be used by multiple users??

Hello,
Is there a way to prevent users (that got a client ssl-certificate (pkcs12)
for accessing my server) from giving their certs away to others and in that
way enabling "unwanted" users access to my site?
Or if there is no elegant solution, maybe someone knows how apache (or a log
analyzer etc.) can inform me if two different IPs have tried to connect
simultaneously using the same certificate?

Many thanks
Conrad Friedrich
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: preventing client certs to be used by multiple users??

----- Original Message -----
From: "Conrad Friedrich"
To:
Sent: Wednesday, August 31, 2005 11:49 PM
Subject: preventing client certs to be used by multiple users??


> Hello,
> Is there a way to prevent users (that got a client ssl-certificate
(pkcs12)
> for accessing my server) from giving their certs away to others and in
that
> way enabling "unwanted" users access to my site?
> Or if there is no elegant solution, maybe someone knows how apache (or a
log
> analyzer etc.) can inform me if two different IPs have tried to connect
> simultaneously using the same certificate?
>
> Many thanks
> Conrad Friedrich

The other replies pretty much says it all. If you're trying to prevent
people from sharing their access to your data then have them sign
some papers instead.
Certificates and login credentials just won't do that for you.

/Daniel


____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org