[Openswan Users] Forwarding client certs
Paul Wouters
paul at xelerance.com
Mon Apr 18 11:51:10 CEST 2005
On Mon, 18 Apr 2005, Twum K. Djin wrote:
> My VPN server requires that guests authenticate with x.509 certs.
>
> I would like to have the certs they present forwarded to an application so that
> I can do some accounting (to extract X.509 information).
Don't you already have the certificates elsewhere? You can then just grab the
CN from the logs and lookup the proper certificate.
> What part of the code base handles processing client certificates? Could anyone
> point me in the right direction?
programs/pluto/x509*.c is a good start.
Paul
--
As time passes hardware approaches the effectiveness of a rock and
the reliability of a crack addict.
--- Naubert's law
More information about the Users
mailing list