[erlang-questions] Webmachine / Mochiweb & client certificates

Robert Raschke rtrlists@REDACTED
Fri May 6 10:58:55 CEST 2011


On Thu, May 5, 2011 at 10:06 PM, Steve Strong <steve@REDACTED> wrote:

>  Hi,
>
> Does anyone out there have any experience with Webmachine (or mochiweb) and
> authentication using client certificates?  I've had a good google around but
> can't see anything that's pointing me in the right direction.  Getting
> regular SSL up & running was pretty straightforward, as is performing basic
> or digest authentication.
>
> I've also quite easily used curl to exchange a client key, which appeared
> to be successful, but within my webmachine resource I can't see anyway to
> see that a client cert was presented, nor any details about it that would
> allow me to authenticate the user or not.
>
> Any help would be much appreciated,
>
> Cheers,
>
> Steve
>
> --
> Steve Strong, Director, id3as
> twitter.com/srstrong
>
>
There have been a few threads on the list about certificate verification.
But in general, what you want to be investigating is the ssl modules
verification support, the ssl options (in R14, for R13 it's new_ssl) to have
a look at are:

{verify, verify_type()}
{fail_if_no_peer_cert, boolean()}
{verify_fun, fun(ErrorList) -> boolean()}
{depth, integer()}

I'll be investigating client certificate verification at some point this
year. But not sure when yet.

Robby
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20110506/0b60d47a/attachment.htm>


More information about the erlang-questions mailing list