Read TLS Client cert outside of authentication

Travis Dimmig tdimmig at
Fri Feb 28 22:32:17 CET 2014

Is it possible to read fields of the client cert divorced from the act of authenticating with it?  Specifically, I have a FreeRADIUS server that proxies the authentication requests to have the actual authentication done by another, but I want to be able to inspect the value of the CommonName from the server doing the proxying.  The examples in the post-auth section show exactly the kind of control I want, where the values of cert fields are populated in FreeRADIUS internal attributes, but I need access to them from the server that is otherwise just proxying the requests.

I thought of having the authentication server add the values back into the reply, but an ideal solution would not require any changes on the authentication server.

Travis Dimmig
Senior Software Developer
Impulse Point<>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Freeradius-Users mailing list