Authentication with client certs

Has anyone attempted authenticating web users using client certificates
instead of username/password? Any success?
I’d like to be able, in the autoreply template, to send the requestor a
link to the ticket they just openend, and, if they have a certificate,
they can access their ticket(s), without having to type a password
(since they’re already authenticated by virtue of having the certificate)

If anyone has tried anything like this, I’d be interested in seeing any
examples of code and/or configuration settings.



Hey Seph,
Thanks for the reply!

  1. … and passes cert into to cgi scripts
    is this just the “SSLOptions +StdEnvVars” directive?
  1. define RT’s Web Canonicalize function to manipulate the cert
    variables appropriately. I have it return a slightly normalized
    version of the email address.
    Yeah… I guess this is the part I couldn’t figure out… do you have some
    code/conf file stuff you could send me?