
I understand that X.509 certificates are used for authentication.

How can I use the information provided in an X.509 certificate for authorization? For example, are there any fields in the certificate that can be checked by the server to determine whether that user can access a resource once authenticated?

Thanks

Dr. Lecter
  • Yes, the CA can encode whatever in the client certificate and the server can parse the certificate to extract permissions. But be careful! https://news.ycombinator.com/item?id=25382544 – Z.T. Feb 08 '21 at 21:45
  • Thanks @Z.T. but which field would be used to encode that info? – Dr. Lecter Feb 08 '21 at 22:59
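
Added example, not part of the question or its comments: a Go program showing the approach the first comment describes, with a constructed CA placing a list of roles in a private certificate extension and the server reading it only after chain validation succeeds. The OID 2.999.1 (under the arc reserved for examples), the role strings, and the names demo and rolesFromCert are assumptions made for this illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"fmt"
	"math/big"
	"time"
)

var roleOID = asn1.ObjectIdentifier{2, 999, 1} // hypothetical "roles" extension; 2.999 is the example OID arc

// demo is the CA side: a constructed CA issues "alice" a certificate carrying roles.
func demo(roles []string) (*x509.Certificate, x509.VerifyOptions) {
	caPub, caKey, _ := ed25519.GenerateKey(rand.Reader)
	pub, _, _ := ed25519.GenerateKey(rand.Reader)
	val, _ := asn1.Marshal(roles) // DER SEQUENCE OF string
	caT := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Constructed Demo CA"}, IsCA: true,
		BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign, NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	leaf := &x509.Certificate{SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: "alice"}, NotBefore: caT.NotBefore, NotAfter: caT.NotAfter,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}, ExtraExtensions: []pkix.Extension{{Id: roleOID, Value: val}}}
	caDER, _ := x509.CreateCertificate(rand.Reader, caT, caT, caPub, caKey)
	ca, _ := x509.ParseCertificate(caDER)
	der, _ := x509.CreateCertificate(rand.Reader, leaf, ca, pub, caKey)
	client, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	roots := x509.NewCertPool() // the server trusts only this CA
	roots.AddCert(ca)
	return client, x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}}
}

// rolesFromCert is the server side: validate the chain first, only then read the extension.
func rolesFromCert(cert *x509.Certificate, opts x509.VerifyOptions) (roles []string, err error) {
	if _, err = cert.Verify(opts); err != nil {
		return nil, fmt.Errorf("client certificate rejected: %w", err) // trust no field
	}
	for _, ext := range cert.Extensions {
		if ext.Id.Equal(roleOID) {
			_, err = asn1.Unmarshal(ext.Value, &roles)
		}
	}
	return roles, err // extension absent: no roles, so deny by default
}

func main() { fmt.Println(rolesFromCert(demo([]string{"billing:read", "reports:read"}))) }
```

A certificate carrying the same extension but issued by a CA outside the server's trust pool is rejected before the extension is read.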

0 Answers