This Site and Service

This site has been developed by CAcert to give CAcert certificate users the ability to allow users of their web sites to connect using OpenID supported by the CAcert Web-Of-Trust.

We hope that this will help you creating a bridge between your website, whether powered by Drupal, Wordpress, or other technology, and your users, who are holders of CAcert Client SSL Certificates and can be identified to your site that way.


CAcert

CAcert.org is a community-driven Certificate Authority that issues certificates to the public at large for free.

CAcert's goal is to promote awareness and education on computer security through the use of encryption, specifically by providing cryptographic certificates. These certificates can be used to digitally sign and encrypt email, authenticate and authorize users connecting to websites and secure data transmission over the internet. Any application that supports the Secure Socket Layer Protocol (SSL or TLS) can make use of certificates signed by CAcert, as can any application that uses X.509 certificates, e.g. for encryption or code signing and document signatures.

If you want to have free certificates issued to you, join the CAcert Community .

If you want to use certificates issued by CAcert, read the CAcert Root Distribution License .This license applies to using the CAcert root keys .


OpenID Connect

What is OpenID Connect

OpenID Connect is an interoperable authentication protocol based on the OAuth 2.0 framework of specifications (IETF RFC 6749 and 6750). It simplifies the way to verify the identity of users based on the authentication performed by an Authorization Server and to obtain user profile information in an interoperable and REST-like manner.

OpenID Connect enables application and website developers to launch sign-in flows and receive verifiable assertions about users across Web-based, mobile, and JavaScript clients. And the specification suite is extensible to support a range of optional features such as encryption of identity data, discovery of OpenID Providers, and session logout. ( from OpenID Foundation )

OpenID Connect is an advancement from the older Oauth 2.0 technique, providing a simpler method for servers and their users to connect and authenticate each other.

OpenID Connect (OIDC) is an identity authentication protocol that is an extension of open authorization (OAuth) 2.0 to standardize the process for authenticating and authorizing users when they sign in to access digital services. OIDC provides authentication, which means verifying that users are who they say they are. OAuth 2.0 authorizes which systems those users are allowed to access. OAuth 2.0 is typically used to enable two unrelated applications to share information without compromising user data. For example, many people use their email or social media accounts to sign in to a third-party site rather than creating a new username and password. OIDC is also used to provide single sign-on. Organizations can use a secure identity and access management (IAM) system like Microsoft Entra ID (formerly Azure Active Directory) as the primary authenticator of identities and then use OIDC to pass that authentication to other apps.

This way users only need to sign in once with one username and password to access multiple apps. ( from Microsoft )











'; echo ""; ?>