| From: | Blake Rich <blaric(at)gmail(dot)com> |
|---|---|
| To: | pgsql-admin(at)lists(dot)postgresql(dot)org |
| Subject: | Certificate Authentication method question about mapping |
| Date: | 2023-09-28 02:34:58 |
| Message-ID: | CANwurDtf3-UtLA=pRSMMiwjMjDgLVPk1S8FRZqLyJfWnxQ2sMQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
Recently our CA updated their S/MIME certificates. We've used them for
both email as well as certificate authentication with mapping in
postgresql. However our options for certificates ended up shifting to an
Organization certificate, where the person's name is no longer the CN of
the cert, but rather the CN is the Organization's name. Is there any way
with certificate mapping to use a field other than CN to map to a database
user? I've searched the archives and online and can't find any details
indicating any way to do so, but I'm hopeful.
Old certs that worked to filter out the first name as the username had
CN = firstname lastname
E = firstname.lastname@<org>.<com>
New certs have
CN = <org name>
E = firstname.lastname@<org>.<com>
I can't seem to figure out how to look at the E = field or even if it is
possible. Any insight would be greatly appreciated.
Thanks!
Blake
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Deepak Goel | 2023-09-28 05:51:14 | Re: Terminating connection because of crash of another server process |
| Previous Message | Deo Felix | 2023-09-27 19:15:40 | Re: Terminating connection because of crash of another server process |