How can I determine which SSL client certificate a connection is using in mod_perl?

About

Asked 30/3, 2009 at 11:59 Answered 30/3, 2009 at 13:12

Solved perl ssl https mod-perl client-certificates

I am writing a web service in Perl that will run under SSL (HTTPS) with client certificates. How can I determine which certificate is being used by the client in the current connection so I can filter out unwanted ones?

Note: the web service is being run as a mod_perl script.

Electrolyte answered 30/3, 2009 at 11:59 Comment(2)

Will this be a cgi or mod_perl script or are you going to open the listening server socket yourself? – Garek 30/3, 2009 at 12:22

it will be a mod_perl script. I was thinking about using SOAP::WSDL::Server::Mod_Perl2 – Electrolyte 30/3, 2009 at 12:27

Found the answer on PerlMonks:

Use the Apache::SSLLookup module

  sub handler {
    my $r = Apache::SSLLookup->new(shift);
    my $request_is_over_ssl = $r->is_https;
    my $certificate = $r->lookup_var('SSL_CLIENT_CERT');

    ...
  }

mod_ssl environment reference here.

Electrolyte answered 30/3, 2009 at 13:12 Comment(0)

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags