Another SSL question
Thu Feb 6 12:28:38 CET 2003
Just want to know before I try to do anything by myself..
Are there any plans by the OTP team (or others) to add,
to ssl, functionality to read the contents from a client cert
after a client verification.
I would like to check the contents of the client cert in order to
decide which user it is and set some access restriction based on
the user id.
There is support for this in OpenSSL, and since the OTP ssl
application uses it, I guess it is "just to add a couple of functions".
Apache for instance can export a number cert values to environment
variables so that you can do this, and I think this is a common
procedure in many PKI based internet/intranet applications.
More information about the erlang-questions