access restriction based on RFC3280/4.2 "Certificate Extensions"

access restriction based on RFC3280/4.2 "Certificate Extensions"

am 08.08.2005 14:26:37 von karl.pitrich

Hi,

is it somehow possible to restrict access to
a httpd2/mod_ssl based on the presence
of an extended attribute with a specific OID
in the client's certificate?

i was unsuccessfull looking that up in the docs or ml-archive.


than you for any hint,

/ pit
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: access restriction based on RFC3280/4.2 "Certificate Extensions"

am 08.08.2005 17:28:12 von Mads Toftum

On Mon, Aug 08, 2005 at 02:26:37PM +0200, Pitrich, Karl wrote:
> Hi,
>
> is it somehow possible to restrict access to
> a httpd2/mod_ssl based on the presence
> of an extended attribute with a specific OID
> in the client's certificate?
>
There is some support for that in the very latest httpd dev tree - see
http://mail-archives.apache.org/mod_mbox/httpd-cvs/200507.mb ox/%3c20050720164301.95859.qmail@minotaur.apache.org%3e

vh

Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org