$Web Cert Levels: Difference between revisions
Jump to navigation
Jump to search
mNo edit summary |
mNo edit summary |
||
Line 14: | Line 14: | ||
<li>For an SSL connection where the client sent a certificate, <var>$Web_Cert_Levels</var> will return a number greater than 0. Level 0 of a certificate always contains the client information. Level 1 contains the information for the "signer" of the client certificate. Level 2 would contain information for the "signer" of the level 1 signer's certificate, and so on. | <li>For an SSL connection where the client sent a certificate, <var>$Web_Cert_Levels</var> will return a number greater than 0. Level 0 of a certificate always contains the client information. Level 1 contains the information for the "signer" of the client certificate. Level 2 would contain information for the "signer" of the level 1 signer's certificate, and so on. | ||
<li>Since all certificates accepted by ''[ | <li>Since all certificates accepted by ''[http://www.sirius-software.com/maint/download/jansslr.pdf Janus Network Security]'' must be signed, <var>$Web_Cert_Levels</var> will always be greater than or equal to 2 if non-zero. Level 3 would indicate a certificate that includes an intermediate certificate. | ||
<li>For information on the data that can be retrieved for each certificate level see <var>[[$Web_Cert_Info]]</var>. To learn more about client certificates see the ''Janus Network Security Reference Manual''. | <li>For information on the data that can be retrieved for each certificate level see <var>[[$Web_Cert_Info]]</var>. To learn more about client certificates see the ''Janus Network Security Reference Manual''. |
Revision as of 23:34, 18 October 2012
<section begin="desc" />Determine number of client certificate levels<section end="desc" />
$Web_Cert_Levels retrieves the number of certificate levels in a received client certificate.
Syntax
<section begin="syntax" />%levels = $Web_Cert_Levels <section end="syntax" />
Usage notes
- For a non-SSL connection or a connection in which the client certificates are optional (SSLCLCERT set on the JANUS DEFINE as opposed to SSLCLCERTR) and the client chose not to send a certificate, $Web_Cert_Levels returns a 0.
- For an SSL connection where the client sent a certificate, $Web_Cert_Levels will return a number greater than 0. Level 0 of a certificate always contains the client information. Level 1 contains the information for the "signer" of the client certificate. Level 2 would contain information for the "signer" of the level 1 signer's certificate, and so on.
- Since all certificates accepted by Janus Network Security must be signed, $Web_Cert_Levels will always be greater than or equal to 2 if non-zero. Level 3 would indicate a certificate that includes an intermediate certificate.
- For information on the data that can be retrieved for each certificate level see $Web_Cert_Info. To learn more about client certificates see the Janus Network Security Reference Manual.