[Openswan Users] Forwarding client certs
Andreas Steffen
andreas.steffen at strongsec.net
Mon Apr 18 09:33:59 CEST 2005
The X.509 subject distinguished name is available in the updown script
via the PLUTO_PEER_ID environment variable. You can do any further
processing of the ID in an individualized updown script that is loaded
via the ipsec.conf connection parameter
leftupdown=<path to my_updown_script>
Regards
Andreas
Twum K. Djin wrote:
> My VPN server requires that guests authenticate with x.509 certs.
> I would like to have the certs they present forwarded to an application
> so that I can do some accounting (to extract X.509 information).
> I figure that to do this I should patch some part of the ipsec module
> (probably the pluto code) but I'm not sure where.
> What part of the code base handles processing client certificates? Could
> anyone point me in the right direction?
>
> Twum
=======================================================================
Andreas Steffen e-mail: andreas.steffen at strongsec.com
strongSec GmbH home: http://www.strongsec.com
Alter Zürichweg 20 phone: +41 1 730 80 64
CH-8952 Schlieren (Switzerland) fax: +41 1 730 80 65
==========================================[strong internet security]===
More information about the Users
mailing list