question about SSL certificates and PHP

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

I'm trying to design an application in an SSL environment that uses the
cURL functions.  I know that cURL supports the passing of a
certificate, but how can I dynamically obtain a "copy" of the client
certificate that the user used to authenticate?  My goal is to have the
user present his/her client certificate when they invoke my web app,
and then "pass" that certificate onto cURL.

I guess a more generic way of asking this question is: how can I access
the current client certificate on the server?  Is there some
environmental variable that holds the entire certificate, as opposed to
the numerous SSL env variables that hold all the certificate piece

Or is what I'm trying to do not possible?


Stan McFarland

Re: question about SSL certificates and PHP wrote:
Quoted text here. Click to load it

Suppose it was possible, don't you think this would undermine the whole
idea that's behind SSL certificates (to uniquely identify

Also the whole SSL process is handled in the webserver and client
inbetween the network protocol and HTTP, SSL is transpartent to your
scripts (other than the couple of variables that optionally get set by
the httpd).

Site Timeline