I have an SSL enabled website which requires client certificates using Cold Fusion (Current Version is 8, upgrading to 9). We currently use the CGI variable CERT_SUBJECT to extract a user's common name from their client certificate from the website (Using IIS 6.0). We use this Common Name value to determine who the user is, however I have new requirements which state I can no longer utilize the Subject Field, I must use a value located in Subject Alternative Name Field if it exists. Is there a way to programmatically sift through the current client certificate being used in the current session and read all existing fields and their values that exist within that client certificate?
1
Reply
AdChoices