Skip to main content
WolfShade
WolfShade
Brainiac
June 9, 2016
Question

CAC-enabled site, "SSL_CLIENT_S_DN_Email" not working

  • June 9, 2016
  • 1 reply
  • 617 views

Hello, all,

My environment is Apache 2.4 on a Windows Server with CF10.  The production environment uses CACs (Common Access Card) as logins, and we have set Apache and CF so that a user's information can be accessed via CGI variables set from the CAC login.  However, we never had a need for access to a user's email address, until now.  (Things like user first/last name, and other things, are easily available, as of this writing.)

I did some research, and found that if we added jkvar SSL_CLIENT_S_DN_Email to the "mod_jk.conf" file and restarted the Apache service, we _should_ be able to access a user's email address from their CAC.  However, whenever I try to use this in the application, it is coming back as undefined.

Is there something else that we need to do in order to have access to the SSL_CLIENT_S_DN_Email value on a user's CAC?  Something in either Apache or CFAdmin?

V/r,

^_^

This topic has been closed for replies.

1 reply

WolfShade
WolfShadeAuthor
Brainiac
June 15, 2016

Has anyone else worked with CAC/PKI logins in Apache and CF??

V/r,

^_^

WolfShade
WolfShadeAuthor
Brainiac
June 21, 2016

I hate to bump topics up.  I very, VERY rarely ever do it.  But I'm running out of rope, on this.  I've Googled it several different ways, and never can seem to find instructions for getting this to work.

V/r,

^_^

Terms & ConditionsAccessibility statement
Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices