[mod_python] Swig, and mod_ssl

MichaelStröder michael at stroeder.com
Fri Aug 18 18:04:51 EST 2000


Rich Salz wrote:
> 
> > BTW, one way to get DN is "SSLOptions +FakeBasicAuth", then the DN 
> > should appear in req.connection.user.
> 
> Right.  But I need more than that.  I need to know *if* there's a client
> cert, all the nitty-gritty details of it (e.g., what the keyUsage
> extension is), I need to do my own verification, no CRL processing, my
> own chain verification, etc.  Lots of stuff.

I'm not sure I fully understand the problem but if you set

  SSLOptions +ExportCertData

you will get the client and server certs "PEM"-formatted exported to
the OS environment in variables SSL_CLIENT_CERT and SSL_SERVER_CERT.

Ciao, Michael.



More information about the Mod_python mailing list