Feature #387

rest-in client certificates

Added by Madars Vitolins 5 months ago.

Status:NewStart date:02/20/2019
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:-
Target version:-

Description

To handle client cetificates, we might want:

- support for "ubf2raw" mode.
- load

- EX_X509_AUTHORITYKEYID
- EX_X509_BASICCONSTRAINTSVALID
- EX_X509_CRLDISTRIBUTIONPOINTS
- EX_X509_DNSNAMES
- EX_X509_EMAILADDRESSES
- EX_X509_EXCLUDEDDNSDOMAINS
- EX_X509_EXCLUDEDEMAILADDRESSES
- EX_X509_EXCLUDEDIPRANGES
- EX_X509_EXCLUDEDURIDOMAINS
- EX_X509_EXTKEYUSAGE
- EX_X509_EXTRAEXTENSIONS
- EX_X509_ISCA
- EX_X509_ISSUINGCERTIFICATEURL
- EX_X509_KEYUSAGE
- EX_X509_MAXPATHLEN
- EX_X509_MAXPATHLENZERO
- EX_X509_NOTAFTER
- EX_X509_NOTBEFORE
- EX_X509_OCSPSERVER
- EX_X509_PERMITTEDDNSDOMAINS
- EX_X509_PERMITTEDDNSDOMAINSCRITICAL
- EX_X509_PERMITTEDEMAILADDRESSES
- EX_X509_PERMITTEDIPRANGES
- EX_X509_PERMITTEDURIDOMAINS
- EX_X509_POLICYIDENTIFIERS
- EX_X509_SERIALNUMBER
- EX_X509_SIGNATUREALGORITHM
- EX_X509_SUBJECT
- EX_X509_SUBJECTKEYID
- EX_X509_URIS
- EX_X509_UNKNOWNEXTKEYUSAGE
- EX_X509_OCC [ 0 - client, 1 - server]

in the buffer.

- allow to specify a root certificates for the rest-in to validate clients

- specify action if client is not validated.

Also available in: Atom PDF