SSL certificate based login with myopenid.com and safari
2009-03-14

I delegate my domains OpenID logins to myopenid.com - but I was having issues getting SSL certificate based login to work in safari.

Here's what I needed to do (mostly as a reminder to myself).

    Generate a new SSL certificate on the myopenid.com site
    Click the link to download the certificate. It downloads and installs via keychain access (I get a private key, a public key and a certificate).
    Set the certificate to be trusted (since Jan Rain/MyOpenID isn't a recognised issuer)
    Right click the certificate and add an Identity Preference. Add the URL https://www.myopenid.com/signin_certificate

This last step seems to be what was needed for me to get it to work properly.

Now - as long as I am on one of my own machines with an unlocked keychain then I can login with OpenID without sending passwords over the wire.