Wowza Community

Setting up WSE for SSL Client Authentication?

We need to be able to access a users client certificate information when a stream is requested to be able to authenticate/authorize the user via a custom modaul we have implemented. Does anyone first know how to configure WSE to require client authentication? And then, can we access the certificate information via the Java X509Certificate class?

Checking for you…

This is not an easy thing to set up according to the engineers and unfortunately not something we currently have support for, but you may be able to have it built.

Feel free to check out our Pro Services division where we can discuss building custom configurations. You can also try posting here in the Hire A Consultant forum.

Thanks @Rose Power-Wowza Community Manager, we have came up with our answer. Using Nginx to proxy, it grabs the incoming client certificate for stream request, creates needed header vars that are accessed in WSE module. We make web service call from module that contains the WSE server cert for auth handshake and the requesting users identity, all over SSL point to point. We would like to be able to access the WSE token for the requested stream in the module as well. We can see it in the logs, and therefore assume it is accessible via a class or function? Sooo close…