How can I determine which SSL client certificate a connection is using in mod_perl?
-
22-08-2019 - |
Question
I am writing a web service in Perl that will run under SSL (HTTPS) with client certificates. How can I determine which certificate is being used by the client in the current connection so I can filter out unwanted ones?
Note: the web service is being run as a mod_perl script.
Solution
Found the answer on PerlMonks:
Use the Apache::SSLLookup module
sub handler {
my $r = Apache::SSLLookup->new(shift);
my $request_is_over_ssl = $r->is_https;
my $certificate = $r->lookup_var('SSL_CLIENT_CERT');
...
}
mod_ssl environment reference here.
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow