[Openswan Users] Forwarding client certs

Paul Wouters paul at xelerance.com
Mon Apr 18 11:51:10 CEST 2005

On Mon, 18 Apr 2005, Twum K. Djin wrote:

> My VPN server requires that guests authenticate with x.509 certs.
> I would like to have the certs they present forwarded to an application so that
> I can do some accounting (to extract X.509 information).

Don't you already have the certificates elsewhere? You can then just grab the
CN from the logs and lookup the proper certificate.

> What part of the code base handles processing client certificates? Could anyone
> point me in the right direction?

programs/pluto/x509*.c is a good start.


As time passes hardware approaches the effectiveness of a rock and
the reliability of a crack addict.
                                      --- Naubert's law

More information about the Users mailing list