Beefy Boxes and Bandwidth Generously Provided by pair Networks
Do you know where your variables are?
 
PerlMonks  

Re: Help extracting public key from X509 .cer file

by bcarroll (Pilgrim)
on Mar 29, 2014 at 22:47 UTC ( [id://1080239]=note: print w/replies, xml ) Need Help??


in reply to Re^4: Help extracting public key from X509 .cer file
in thread Help extracting public key from X509 .cer file

Assuming your perl script is a CGI script, sense you want to "export it from the browser".

Apache/mod_ssl provides a convenient method of extracting X.509 certificate data.

The ExportCertData option exports two additional environment variables: SSL_CLIENT_CERT and SSL_SERVER_CERT. These contain the PEM-encoded certificates of the server (always existing) and the client (only existing when client authentication is used). This can be used to import the certificates into CGI scripts.

Add +ExportCertData to SSLOptions and the PEM encoded client certificate and issuer certificate(s) will be added to %ENV. The issuing CA certs are named SSL_CLIENT_CERT_CHAIN_x
<FilesMatch "\.(do|cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars +ExportCertData </FilesMatch>
Here is an example CGI that displays the PEM encoded cert info:
#!/usr/bin/perl use CGI qw(:standard); use CGI::Carp qw(warningsToBrowser fatalsToBrowser); $|=1; print header; print start_html("X.509 Certificate Info"); if ( defined( $ENV{SSL_CLIENT_S_DN} ) ){ print $ENV{SSL_CLIENT_CERT}, "<br />"; } else { print "ERROR: Client certificate not presented to webserver for auth +entication"; } print end_html;

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://1080239]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others about the Monastery: (4)
As of 2024-03-29 09:31 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found