Chapter 2 - Authentication

OAuth

Github

WebID + TLS

Apache

WebID + TLS is setup over apache using

    SSLVerifyClient optional_no_ca
    SSLOptions +ExportCertData

    <Location /webid.php>
        SSLVerifyClient optional_no_ca
        SSLVerifyDepth 5
    </Location>

Using PHP it should give a client cert in the form:

[SSL_CLIENT_CERT] => -----BEGIN CERTIFICATE-----
MIID0zCCArugAwIBAgIBATANBgkqhkiG9w0BAQUFADBaMR4wHAYDVQQKDBVNZWx2
aW4gQ2FydmFsaG8gV2ViSUQxHjAcBgNVBAsMFU1lbHZpbiBDYXJ2YWxobyBXZWJJ
RDEYMBYGA1UEAwwPTWVsdmluIENhcnZhbGhvMCAXDTExMDUyMjIzNDYxNVoYDzIx
MTEwNDI4MjM0NjE1WjBaMR4wHAYDVQQKDBVNZWx2aW4gQ2FydmFsaG8gV2ViSUQx
HjAcBgNVBAsMFU1lbHZpbiBDYXJ2YWxobyBXZWJJRDEYMBYGA1UEAwwPTWVsdmlu
IENhcnZhbGhvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15h1iv0I
RPNmj4jnKOc1s06UcG283Hq4WDFAK7BDqIUIp9fE60Ytr9kX5tMFj1lZfFRzn4ML
v/n/XXQMkGrEgO/j4cnQqOV96BqYen/QwbaLS0yh5DSuwHxPQ80EiobghdKPabPp
fIRNOu23ScJzY58Kv+89WCn+hWd7NDZHARMuRFm5WswzRwT4DE3j4OefIazygsQB
5z5+V3+7wZWpETLiFcQRGRuuPGftHD0Sk0qahRO76Kr8bgJHAaFZW4SMH+W19qyT
iR4znj0YHUizpXroYrUAlqQFcN3ns/qfFJpy9bx9XcIAmc0mAV4g9/PcYRtm8seE
mX2ZO5iZx6/SXwIDAQABo4GhMIGeMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/
BAQDAgLsMBEGCWCGSAGG+EIBAQQEAwIFoDAdBgNVHQ4EFgQUXHRZDe7aHINGkUQB
J4E3rXEEAmcwHwYDVR0jBBgwFoAUXHRZDe7aHINGkUQBJ4E3rXEEAmcwKAYDVR0R
BCEwH4YdaHR0cDovL21lbHZpbmNhcnZhbGhvLmNvbS8jbWUwDQYJKoZIhvcNAQEF
BQADggEBADn4lx3bgBt04WpKQvc7AB0Vvi+1Fjv6JNHMGn3sXsNC61fT6VQmV0Py
yXXAz5dYpS8QKVJSP620fnI5tT7UnzsJoWSR8aOSLywik2Mc+91BQrRgsiyuuIkQ
exP040mREgyK63Daip9CjmTjFNxupg5j8I1MpsLS1fHXE94hZg1PfyJGCbzGLAUf
+hhMD9zs3KKNqpuBCJbNfftkc9frLeFZ+22syZ1sXadQ6ze5MjcqhDyAkdPEi4kb
e41DqJBOeBqCTCloKHM6pcPKdQyTiK+sv1DHKdg694Qg5etHzLkhQp84C0E9fek1
rIQTuVUIAAWs9T2oRHxD8NAg0s0rthI=
-----END CERTIFICATE-----

In order to get the key details in php use:

    $data = openssl_pkey_get_public ( $_SERVER['SSL_CLIENT_CERT'] );
    $key = openssl_pkey_get_details($data);
    $rsa = $key['rsa'];

    print_r($key);

    foreach ($rsa as $value) {
      echo bin2hex($value);
    }