CGI, SCGI and Certificates (was Re: [ANN] Gemini browser for iOS)

Petite Abeille petite.abeille at gmail.com
Thu Jun 11 20:02:39 BST 2020

Previous message (by thread): CGI, SCGI and Certificates (was Re: [ANN] Gemini browser for iOS)
Next message (by thread): CGI, SCGI and Certificates (was Re: [ANN] Gemini browser for iOS)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]


> On Jun 10, 2020, at 05:53, Michael Lazar <lazar.michael22 at gmail.com> wrote:
> 
> TLS_CLIENT_AUTHORISED
> 
> Even though jetforce accepts unverified client certificates now, it will still
> check if the certificate is authorised anyway. This means both valid and trusted
> by the server's CA store. So this will be set to "1" for trusted and "0" for
> untrusted. I like this variable because it gives each CGI script the option to
> implement authentication however they want.

Is that the equivalent of SSL_CLIENT_VERIFY?

E.g.:

NONE: client has no cert 
SUCCESS = cert is valid 
GENEROUS = says only that some kind of certificate was sent at all 
FAILED:reason = auth with the cert failed

Previous message (by thread): CGI, SCGI and Certificates (was Re: [ANN] Gemini browser for iOS)
Next message (by thread): CGI, SCGI and Certificates (was Re: [ANN] Gemini browser for iOS)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Gemini mailing list