https://redmine.lighttpd.net/https://redmine.lighttpd.net/favicon.ico?13667327412007-03-02T18:22:29Zlighty labsLighttpd - Feature #921: Client SSL Authentication Modulehttps://redmine.lighttpd.net/issues/921?journal_id=21032007-03-02T18:22:29ZLars
<ul></ul><p>'''lighttpd-1.4.13_ssl_client_verify_0.2.patch:'''</p>
<p>client validation is controlled with two new config options:</p>
<pre>
ssl.verify-peer (boolean, default = "disable")
ssl.verify-depth (short, default = 9)
</pre>
<p>If verification is turned on lighttpd disconnects all clients<br />which do not provide a valid client certificate.<br />Note: You will also need the CA file which provides the root<br />certificate for validation:</p>
<pre>
ssl.ca-file = "/path/to/ca.crt"
</pre>
<p>example SSL section in 'lighttpd.conf' looks like this:</p>
<pre>
ssl.engine = "enable"
ssl.use-sslv2 = "disable"
ssl.pemfile = "/etc/lighttpd/server.pem"
ssl.ca-file = "/etc/lighttpd/ca.crt"
ssl.verify-peer = "enable"
ssl.verify-depth = 1
</pre> Lighttpd - Feature #921: Client SSL Authentication Modulehttps://redmine.lighttpd.net/issues/921?journal_id=21042007-05-22T21:09:36ZAnonymous
<ul></ul><p>Lars,</p>
<p>Will this patch set all of the environment variables that one would expect to see when using SSL client certificates?</p>
<p>Thanks,</p>
<p>Stan McFarland<br /><a class="email" href="mailto:sfmcfar@gmail.com">sfmcfar@gmail.com</a></p>
<p>-- sfmcfar</p> Lighttpd - Feature #921: Client SSL Authentication Modulehttps://redmine.lighttpd.net/issues/921?journal_id=21052007-08-06T01:02:15Znmaier
<ul></ul><p>Ported to trunk, enhanced and backported to 1.4.x: <a class="issue tracker-2 status-5 priority-4 priority-default closed" title="Feature: SSL Client Certificate validation. (Fixed)" href="https://redmine.lighttpd.net/issues/1288">#1288</a></p>
<p>Thanks Lars for pointing me in the right direction. :D</p> Lighttpd - Feature #921: Client SSL Authentication Modulehttps://redmine.lighttpd.net/issues/921?journal_id=65572009-11-05T21:50:05Zstbuehler
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Fixed</i></li></ul><p>Applied in changeset r2688.</p>