[erlang-questions] Re: SSL and client authentication

Alessandro Sivieri alessandro.sivieri@REDACTED
Mon Nov 15 11:19:45 CET 2010

2010/11/15 <mpalmer@REDACTED>

> However, the SSL handshake *has* occured by the time the response is sent
> back, so it shouldn't be impossible for the server to check the URL and
> (whether a/which) client certificate was presented, and serve or deny the
> request as appropriate.
This is what I thought, too; Apache and Nginx allow a user to configure
which Web paths have to be mutually authenticated and which not, even if
both use HTTPS...

> Since the OP has decided to use nginx, there's not much point in going
> into the mechanics of how to do that in Erlang.
So there is a way to do this in (pure) Erlang?

Sivieri Alessandro

More information about the erlang-questions mailing list