[horde] Horde authentication with client SSL digital certificates
Cliff Green
green at umdnj.edu
Mon Jun 5 07:03:50 PDT 2006
Today at 9:47am, Cliff Green wrote:
CG> On Jun 4 at 10:23pm, Fabio Pietrosanti wrote:
CG>
CG> FP> I would like to know about which can be modules that would need to be
CG> FP> modified in order to be able to authenticate users with client side SSL
CG> FP> certificates.
CG> FP>
CG> FP> Are there some quick hack to implement such kind of functionality?
[commentary snipped]
My apologies, but I edited out one or two relevant bits of text in my
original message - the relational operators for these requirements for
the administrators' config:
CG> SSLRequire %{SSL_CLIENT_I_DN_CN} eq [text of the CN of the
CG> Issuer DN of client's certificate]
CG> and %{SSL_CLIENT_S_DN_O} [text of the O of the
Should be: ' and %{SSL_CLIENT_S_DN_O} eq [text of the O of the'
^^
CG> Subject DN in client's certificate]
CG> and %{SSL_CLIENT_S_DN_CN} [text of the CN of one
Should be: ' and %{SSL_CLIENT_S_DN_CN} in { [quoted text....]}
^^^^
CG> or more comma delimited Subject DNs in one or more clients' certificates]
CG> }
Please let the list know if you figure out what works for you,
c
--
Clifford Green Internet - green at umdnj.edu
Business Systems & Technologies UMDNJ-IST
"When a distinguished but elderly scientist states that something is
possible, he is almost certainly right. When he states that something is
impossible, he is very probably wrong." -- Clarke's First Law
More information about the horde
mailing list