[prev in list] [next in list] [prev in thread] [next in thread]
List: postgresql-admin
Subject: Re: Certificate Authentication method question about mapping
From: Laurenz Albe <laurenz.albe () cybertec ! at>
Date: 2023-09-28 6:10:08
Message-ID: 19f87c6646f3acbf092ae2cea51beb2f0ae4c492.camel () cybertec ! at
[Download RAW message or body]
On Wed, 2023-09-27 at 20:34 -0600, Blake Rich wrote:
> Recently our CA updated their S/MIME certificates. We've used them for both email \
> as well as certificate authentication with mapping in postgresql. However our \
> options for certificates ended up shifting to an Organization certificate, where \
> the person's name is no longer the CN of the cert, but rather the CN is the \
> Organization's name. Is there any way with certificate mapping to use a field \
> other than CN to map to a database user? I've searched the archives and online \
> and can't find any details indicating any way to do so, but I'm hopeful.
> Old certs that worked to filter out the first name as the username had
>
> CN = firstname lastname
> E = firstname.lastname@<org>.<com>
>
> New certs have
>
>
> CN = <org name>
> E = firstname.lastname@<org>.<com>
>
> I can't seem to figure out how to look at the E = field or even if it is possible. \
> Any insight would be greatly appreciated.
I don't think that's possible, short of modifying PostgreSQL.
Yours,
Laurenz Albe
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic