Send full X.509 client certificate to custom authentication policy server
Jaime Hablutzel Egoavil
hablutzel1 at gmail.com
Fri Jan 26 19:15:27 EET 2018
I'm working with Dovecot 2.3 and I'm wondering if I could send the full
X.509 client certificate to my custom authentication policy server.
I'm actually aware that I can send the client certificate validity status
with something like:
auth_policy_request_attributes = ... cert=%{cert}
But I want the full X.509 certificate to be able to decide over the basis
of certificate extensions, e.g. Certificate Policies extension.
Is it currently possible?, what about Lua based authentication?, does Lua
currently receive the full client certificate?.
--
Jaime Hablutzel - RPC 994690880
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20180126/a75f41be/attachment.html>
More information about the dovecot
mailing list