Recognize the new certificate formats
authorBradley Nicholes <bnicholes@apache.org>
Thu, 20 Jan 2005 20:22:31 +0000 (20:22 +0000)
committerBradley Nicholes <bnicholes@apache.org>
Thu, 20 Jan 2005 20:22:31 +0000 (20:22 +0000)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@125810 13f79535-47bb-0310-9956-ffa450edef68

docs/manual/mod/mod_ldap.xml
modules/ldap/util_ldap.c

index 0f61f44044ed2b8d39ad0327e32e5e41aa110b72..be413596d4871558b98976241c9939f3035a830b 100644 (file)
@@ -480,8 +480,10 @@ Certificate Authority or global client certificates</description>
       <li>CERT_BASE64 - PEM encoded client certificate</li>
       <li>CERT_KEY3_DB - Netscape key3.db client certificate database file</li>
       <li>CERT_NICKNAME - Client certificate "nickname" (Netscape SDK)</li>
+      <li>CERT_PFX - PKCS#12 encoded client certificate (Novell SDK)</li>
       <li>KEY_DER - binary DER encoded private key</li>
       <li>KEY_BASE64 - PEM encoded private key</li>
+      <li>KEY_PFX - PKCS#12 encoded private key (Novell SDK)</li>
     </ul>
 </usage>
 </directivesynopsis>
index 55f8b007bd52d378d62babffe23b97a72ffb5084..991ba89a8337abf088b61c0fe0686fc5058d65eb 100644 (file)
@@ -1381,6 +1381,11 @@ static const int util_ldap_parse_cert_type(const char *type) {
         return APR_LDAP_CERT_TYPE_BASE64;
     }
 
+    /* Client cert file in PKCS#12 format */
+    else if (0 == strcasecmp("CERT_PFX", type)) {
+        return APR_LDAP_CERT_TYPE_PFX;
+    }
+
     /* Netscape client cert database file/directory */
     else if (0 == strcasecmp("CERT_KEY3_DB", type)) {
         return APR_LDAP_CERT_TYPE_KEY3_DB;
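Review bot: The new `CERT_PFX` branch accepts the type on every build, while the manual entry added in this same commit marks it as Novell SDK only, and the comment above the branch does not mention that restriction. Suggest `/* Client cert file in PKCS#12 format (Novell SDK only) */` here and `/* Client cert key file in PKCS#12 format (Novell SDK only) */` on the `KEY_PFX` branch in the next hunk. Whether a build against another SDK rejects these types later is not visible here; if it does not, an error at configuration time would be preferable to a failure when the TLS connection is set up. util_ldap_parse_cert_type begins outside both hunks.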
@@ -1401,6 +1406,11 @@ static const int util_ldap_parse_cert_type(const char *type) {
         return APR_LDAP_KEY_TYPE_BASE64;
     }
 
+    /* Client cert key file in PKCS#12 format */
+    else if (0 == strcasecmp("KEY_PFX", type)) {
+        return APR_LDAP_KEY_TYPE_PFX;
+    }
+
     else {
         return APR_LDAP_CA_TYPE_UNKNOWN;
     }
@@ -1504,13 +1514,14 @@ static const char *util_ldap_set_trusted_client_cert(cmd_parms *cmd, void *confi
             return apr_psprintf(cmd->pool, "The certificate type \"%s\" is "
                                            "not recognised. It should be one "
                                            "of CERT_DER, CERT_BASE64, "
-                                           "CERT_NICKNAME, "
-                                           "KEY_DER, KEY_BASE64", type);
+                                           "CERT_NICKNAME, CERT_PFX,"
+                                           "KEY_DER, KEY_BASE64, KEY_PFX", type);
         }
         else if (APR_LDAP_CA_TYPE_DER == cert_type ||
                  APR_LDAP_CA_TYPE_BASE64 == cert_type ||
                  APR_LDAP_CA_TYPE_CERT7_DB == cert_type ||
                  APR_LDAP_CA_TYPE_SECMOD == cert_type ||
+                 APR_LDAP_CERT_TYPE_PFX == cert_type ||
                  APR_LDAP_CERT_TYPE_KEY3_DB == cert_type) {
             return apr_psprintf(cmd->pool, "The certificate type \"%s\" is "
                                            "only valid within a "
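Review bot: The "not recognised" message now lists CERT_PFX as an accepted type, but the next branch adds `APR_LDAP_CERT_TYPE_PFX == cert_type` to the types rejected as only valid within another directive, so a user who follows the first message gets a second error. Either drop CERT_PFX from the first list or revisit the condition; KEY_PFX is not rejected there, so a PKCS#12 key would be accepted where its matching certificate type is refused, which looks unintended. The string also lost a separator: `"CERT_NICKNAME, CERT_PFX,"` concatenates to `CERT_PFX,KEY_DER` and should be `"CERT_NICKNAME, CERT_PFX, "`. The rejection message continues past the end of the hunk, so its wording could not be checked.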