With a colleague, I'm working on a service (currently implemented as a listener with a number of request handlers in cpprest-sdk on Linux) that needs to make certain additional checks (i.e. allow only a subset of certificates) for the certificate of an active client request. Therefore, we need a way to get from the http_request that the handler receives to the underlying SSL/TLS connection to retrieve the client certificate used to connect. As soon as we have that client certificate (preferably in a way that can be put into a X509_STORE from OpenSSL), we know how to proceed, but so far, we have found no way from the http_request we receive to the connection certificate. Is this at all possible?
Asked
Active
Viewed 123 times
