Menu
I am writing a web service in Perl that will run under SSL (HTTPS) with client certificates. How can I determine which certificate is being used by the client in the current connection so I can filter out unwanted ones?
Note: the web service is being run as a mod_perl script.
904
Chrome has made it simple for any site visitor to get certificate information with just a few clicks: Click the padlock icon in the address bar for the website. Click on Certificate (Valid) in the pop-up. Check the Valid from dates to validate the SSL certificate is current.
Just ask Equifax! Client certificates also use public key infrastructure (PKI) for authentication, just like Server certificates. However, there is one significant difference between the two. Unlike Server certificates, Client certificates don't encrypt any data; they're installed for validation purposes only.
Android (v.Click the padlock icon next to the URL. Then click the "Details" link. 2. From here you can see some more information about the certificate and encrypted connection, including the issuing CA and some of the cipher, protocol, and algorithm information.
In Chrome, go to Settings. On the Settings page, below Default browser, click Show advanced settings. Under HTTPS/SSL, click Manage certificates. In the Certificates window, on the Personal tab, you should see your Client Certificate.
Found the answer on PerlMonks:
Use the Apache::SSLLookup module
sub handler {
my $r = Apache::SSLLookup->new(shift);
my $request_is_over_ssl = $r->is_https;
my $certificate = $r->lookup_var('SSL_CLIENT_CERT');
...
}
mod_ssl environment reference here.
183
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With