Another SSL question

Mikael Karlsson <>
Thu Feb 6 12:28:38 CET 2003

Just want to know before I try to do anything by myself..

Are there any plans by the OTP team (or others) to add, 
to ssl, functionality to read the contents from a client cert 
after a client verification.

I would like to check the contents of the client cert in order to 
decide which user it is and set some access restriction based on 
the user id.

There is support for this in OpenSSL, and since the OTP ssl 
application uses it, I guess it is "just to add a couple of functions".

Apache for instance can export a number cert values to environment 
variables  so that you can do this, and I think this is a common 
procedure in many PKI based internet/intranet applications.


More information about the erlang-questions mailing list