httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From o haya <>
Subject [users@httpd] Combine client certificate authentication plus database or LDAP lookup?
Date Wed, 12 Oct 2016 19:13:56 GMT

I was wondering if there is a way to combine client certificate authentication with an LDAP
or database lookup in Apache?

What I mean is:

- Apache performs 2-way SSL handshake with user browser and if that authentication is successful,
- Apache (some Apache module) gets the CN string from the client certificate and does an LDAP
or database lookup of that certificate string, and
      - If the lookup is successful, then the request gets processed normally by Apache
      - If either the 2-way SSL handshake fails or the LDAP (or database) lookup fails, then
Apache returns a 40x response

I've been searching (it SEEMS like this should be possible), but I haven't been able to find
an "out-of-box" approach with Apache for doing this yet.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message