Hello, i couldn't find a solution for my problem anywhere, so here it is:
I've made a self-signed CA that i use to sign client and server certificates. All of them have the same "Organization=" part in the DN.
Now the problem is, if a client browser has more than 1 certificate (1 issued by me and others by some 3rd party), it either chooses the wrong one automatically, or if you choose to select it manually, presents all of the certificates in the storage.
So, is there a way to limit this choice of client certificates, so that only those issued by the same CA as the server certificate, or the samo O= in DN are given to choose from?
I've heard this can be done on apache servers, and i definitely know some applications that utilize this, presenting only the certificates that are relevant.
Any help would be greatly appreciated..