API to fetch channel binding (SSL) information?

Dan White dwhite at olp.net
Wed Nov 10 12:41:20 EST 2010

On 10/11/10 08:50 -0800, William Mills wrote:
>Is there an API to be able to fetch the SSL peer certificate?  I'm looking at doing channel binding.  Alternatively has anyone looked at the challenges to adding this as a supported option to sasl_getprop()?

The SASL library doesn't, itself, participate in the SSL/TLS negotiation,
so it does not have access to any certificate information unless it it
passed to it by the calling application (in the form of an authentication

This thread should have more information:


Dan White

More information about the Cyrus-sasl mailing list