I've got another newbie question around Rhoconnect authentication, and I'd appreciate input from anyone who can help!
I'm looking to use a client SSL certificate (and a server certificate) to secure communication between Rhoconnect client and server. To tell NGINX to check for a valid client certificate I can add the following lines to the nginx configuration....
So far so good. But what I want to do is make the distinguished name (dn) attribute from the certificate available to my authenticate method. Nginx makes this information available in a built-in variable. I'm not sure how to get that passed to the Rhoconnect thin instance, and to my application.rb in particular. I guess I could push it into the HTTP(s) header or something, but I'm not even really sure where/how to access that.
I've managed to find an example for doing this for PHP invoked through fastcgi - but I've not been able to figure out how to translate this to ruby/Rhoconnect. For php you'd do this (allegedly)...
fastcgi_param DN $ssl_client_s_dn;
It strikes me as something that could be really useful to other enterprise users, so someone must be doing it.