[erlang-questions] Webmachine / Mochiweb & client certificates

Steve Strong steve@REDACTED
Fri May 6 16:26:42 CEST 2011


Thanks for the replies - currently, I'm using the nginx approach which is working perfectly.

Cheers,

Steve
-- 
Steve Strong, Director, id3as
twitter.com/srstrong

On Friday, 6 May 2011 at 10:58, Robert Raschke wrote: 
> 
> On Thu, May 5, 2011 at 10:06 PM, Steve Strong <steve@REDACTED> wrote:
> > Hi,
> > 
> > Does anyone out there have any experience with Webmachine (or mochiweb) and authentication using client certificates? I've had a good google around but can't see anything that's pointing me in the right direction. Getting regular SSL up & running was pretty straightforward, as is performing basic or digest authentication.
> > 
> > I've also quite easily used curl to exchange a client key, which appeared to be successful, but within my webmachine resource I can't see anyway to see that a client cert was presented, nor any details about it that would allow me to authenticate the user or not. 
> > 
> > Any help would be much appreciated,
> > 
> > Cheers,
> > 
> > Steve
> > 
> > -- 
> > Steve Strong, Director, id3as
> > twitter.com/srstrong
> 
> There have been a few threads on the list about certificate verification. But in general, what you want to be investigating is the ssl modules verification support, the ssl options (in R14, for R13 it's new_ssl) to have a look at are:
> 
> {verify, verify_type()}
> {fail_if_no_peer_cert, boolean()}
> {verify_fun, fun(ErrorList) -> boolean()}
> {depth, integer()}
> 
> I'll be investigating client certificate verification at some point this year. But not sure when yet.
> 
> Robby
> 
> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://erlang.org/mailman/listinfo/erlang-questions
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20110506/2451e522/attachment.htm>


More information about the erlang-questions mailing list