$Web Cert Levels: Difference between revisions
m (1 revision) |
mNo edit summary |
||
| Line 2: | Line 2: | ||
<span class="pageSubtitle"><section begin="desc" />Determine number of client certificate levels<section end="desc" /></span> | <span class="pageSubtitle"><section begin="desc" />Determine number of client certificate levels<section end="desc" /></span> | ||
$Web_Cert_Levels retrieves the number of certificate levels in a received client certificate. | |||
==Syntax== | ==Syntax== | ||
<p class="syntax"><section begin="syntax" /> %LEVELS = $Web_Cert_Levels | <p class="syntax"><section begin="syntax" /> %LEVELS = $Web_Cert_Levels | ||
<section end="syntax" /></p> | <section end="syntax" /></p> | ||
$Web_Cert_Levels takes no arguments and returns a number. For a non-SSL connection or a connection in which the client certificates are optional (SSLCLCERT set on the JANUS DEFINE as opposed to SSLCLCERTR) and the client chose not to send a certificate, $Web_Cert_Levels returns a 0. | $Web_Cert_Levels takes no arguments and returns a number. For a non-SSL connection or a connection in which the client certificates are optional (SSLCLCERT set on the JANUS DEFINE as opposed to SSLCLCERTR) and the client chose not to send a certificate, $Web_Cert_Levels returns a 0. | ||
Revision as of 20:33, 22 February 2011
<section begin="desc" />Determine number of client certificate levels<section end="desc" />
$Web_Cert_Levels retrieves the number of certificate levels in a received client certificate.
Syntax
<section begin="syntax" /> %LEVELS = $Web_Cert_Levels <section end="syntax" />
$Web_Cert_Levels takes no arguments and returns a number. For a non-SSL connection or a connection in which the client certificates are optional (SSLCLCERT set on the JANUS DEFINE as opposed to SSLCLCERTR) and the client chose not to send a certificate, $Web_Cert_Levels returns a 0.
For an SSL connection where the client sent a certificate, $Web_Cert_Levels will return a number greater than 0. Level 0 of a certificate always contains the client information. Level 1 contains the information for the "signer" of the client certificate. Level 2 would contain information for the "signer" of the level 1 signer's certificate, and so on.
Since all certificates accepted by Janus Network Security must be signed, $Web_Cert_Levels will always be greater than or equal to 2 if non-zero. Level 3 would indicate a certificate that includes an intermediate certificate.
For information on the data that can be retrieved for each certificate level see $Web_Cert_Info. To learn more about client certificates see the Janus Network Security Reference Manual.