How can I determine which SSL client certificate a connection is using in mod_perl?

Question

I am writing a web service in Perl that will run under SSL (HTTPS) with client certificates. How can I determine which certificate is being used by the client in the current connection so I can filter out unwanted ones?

Note: the web service is being run as a mod_perl script.

Answer 1

Found the answer on PerlMonks:

Use the Apache::SSLLookup module

  sub handler {
    my $r = Apache::SSLLookup->new(shift);
    my $request_is_over_ssl = $r->is_https;
    my $certificate = $r->lookup_var('SSL_CLIENT_CERT');

    ...
  }

mod_ssl environment reference here.