[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [libmicrohttpd] MHD_OPTION_HTTPS_MEM_TRUST and self-signed client ce
|
From: |
Christian Grothoff |
|
Subject: |
Re: [libmicrohttpd] MHD_OPTION_HTTPS_MEM_TRUST and self-signed client certificates |
|
Date: |
Sat, 30 May 2020 11:33:51 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.8.0 |
Hi Nicolas,
You can access client certificates (if provided) via
MHD_CONNECTION_INFO_GNUTLS_SESSION to get the `gnutls_session_t` and
then call gnutls_certificate_get_peers().
Happy hacking!
Christian
On 5/30/20 1:47 AM, Nicolas Mora wrote:
> Hello all,
>
> In order to fully implement OAuth 2.0 Mutual-TLS Client Authentication
> and Certificate-Bound Access Tokens
> (https://tools.ietf.org/html/rfc8705), I'd like to know if it's possible
> to use self-signed client certificates with MHD?
>
> I've never used such certificates, only CA signed ones in MHD with
> MHD_OPTION_HTTPS_MEM_TRUST, or Apache SSLCACertificateFile.
>
> I don't even know if this feature is available in GnuTLS...
>
> Thanks in advance!
>
> /Nicolas
>
signature.asc
Description: OpenPGP digital signature