0

I have done a bit of searching on this topic and have not found something showing what I want to do. I am sure that my query is wrong, but don't know how to word it.

My VPS is configured with Centos 7, LAMP and OpenSSL 1.0.1e-fips.

My domain is secured with TLS and scores A on https://www.ssllabs.com/ssltest. Would be an A+ like my other domains, but I think that it cannot get past the CAC authentication part to test for HST.

Anyways, I would like to detect that a smart card is inserted before going to authentication. If card is not inserted I would like to redirect to another page.

Is this possible?

Any help or links would be greatly appreciated.

Thanks, SUB

EDIT: I have the CAC authentication working on domain.

subcan
  • 2,021
  • 2
  • 18
  • 21

1 Answers1

1

Not really possible with a plain browser, unless you have some plugin to detect the presence before starting TLS.

The closest I know is playing with nginx 49X errors (forget Apache): http://nginx.org/en/docs/http/ngx_http_ssl_module.html#errors

Martin Paljak
  • 4,119
  • 18
  • 20
  • Martin's right -- this isn't possible, and even if possible is unlikely to be worth checking, as it would be hard for even a plugin to detect the difference between a cached public certificate in a user keystore vs. an unlocked SmartCard sitting in a reader. That is, with a *lot* of work you might cover 50% of the use cases, but was that worth the effort vs the liability of now having to maintain that plugin, its dependencies, etc.? Most likely you can invest elsewhere in improving your UX. – Sean Baker Sep 27 '15 at 15:03