Ping a Specific Port

Question

Alexander Artemenko

Asked: 2011-10-14 04:54:41 +0800 CST2011-10-14 04:54:41 +0800 CST 2011-10-14 04:54:41 +0800 CST

Are there any way to check client certificate issuer in lighttpd?

772

I have to check client certificate issuer in the Lighttpd but can't find any variable for that.

Here is part of my config, related to ssl_mod:

$SERVER["socket"] == ":443" {   
            ssl.engine = "enable"           
            ssl.pemfile = "/etc/certs/this-server.pem"
            ssl.ca-file = "/etc/certs/allcas.pem"
            ssl.verifyclient.activate = "enable"
            ssl.verifyclient.username = "enable"
}

1 Answers

Voted

sm8ps · Answer 1 · 2011-10-18T11:40:22+08:00

sm8ps

2011-10-18T11:40:22+08:002011-10-18T11:40:22+08:00

I am currently struggling with some similar questions (let me stress "struggling"!). I am not quite there yet but from my extensive research the following looks promising.

The option ssl.verifyclient.username = "SSL_CLIENT_S_*" seems to only give information about the subject, i.e. the user. As of version 1.4.25, ssl.verifyclient.exportcert = "enable" though should give you access to the full certificate which can be evaluated in 'env:SSL_CLIENT_CERT'.

Source: http://nginxvslighttpd.com/2011/08/lighttpd-ssl-module/ (section "Configuration").

Please report back with success or failure report!

0

Are there any way to check client certificate issuer in lighttpd?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Resolve host name from IP address

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?