Configure Apache to verify client certificate in an LDAP server?

Hi,

I have the following situation:

- Apache configured for client-authenticated SSL
- An LDAP server (an OpenDS instance) containing all of our users

What we want is that, after Apache performs the 2-way SSL handshake, Apache somehow verifies that the certificate matches some user that is in the LDAP server and, if so, allows access (and if it doesn't match any user, denies access).

By "somehow", this would probably mean searching the LDAP server for, say, a matching certificate subject string or something like that.

I've been looking at mod_authnz_ldap, but haven't found how to use that with a client cert (and no password), so I was hoping that someone here might know how the above can be accomplished?

Thanks,
Jim

