I can't for the life of me find how to configure client certificate validation with Heroku SSL endpoint. Is is supported at all? Is there an alternative add-on that does support it?
2 Answers
1
votes
I asked their support about this and this was their answer: https://help.heroku.com/tickets/128194
So it would appear that server side verification of client certificates isn't supported by heroku right now if you rely upon their web server. I.e. having a server hosted on heroku check the client certificate provided by the connecting client. This requires a check at the web server level.
However I did come across this for nodejs: https://www.npmjs.org/package/client-certificate-auth
which would lead me to believe that for nodejs is should be possible, since you have full access to the http(s) server. I haven't tried it though
3
votes
You probably already have seen this: https://devcenter.heroku.com/articles/ssl-endpoint (it was updated on the same date you posted your question, though)
