Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Do not fail if client certificate is not provided #412

Open
borisreitman opened this issue Dec 21, 2022 · 3 comments
Open

Do not fail if client certificate is not provided #412

borisreitman opened this issue Dec 21, 2022 · 3 comments

Comments

@borisreitman
Copy link

borisreitman commented Dec 21, 2022
edited
Loading

I should be able to request client certificate, but still allow the connection if the certificate is not provided.
In Node.js I can have the desired behaviour by specifying these options to HTTPS server,

requestCert: true,
rejectUnauthorized: false,
@Lukasa
Copy link
Contributor

Lukasa commented Dec 21, 2022

What are you trying to achieve in this usage configuration?

@borisreitman
Copy link
Author

From an article referenced below, here is a quote:

"Then we tell it to accept requests with no valid certificate. We need this to handle invalid connections as well (for example to display an error message), otherwise, they would just get a cryptic HTTPS error message from the browser (ERR_BAD_SSL_CLIENT_AUTH_CERT to be precise)"

Reference: https://medium.com/@sevcsik/authentication-using-https-client-certificates-3c9d270e8326

@borisreitman
Copy link
Author

@Lukasa
I have implemented it, please review my pull request: #413

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@borisreitman @Lukasa