From 3983a6e74d69ed38853c3e89616de3266dcca40d Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Fri, 23 Nov 2012 10:17:51 -0500
Subject: [PATCH] X509 certificate authentication based on Kevin Anderson's implementation

---
 distrib/gitblit.properties |   22 ++++++++++++++++++++++
 1 files changed, 22 insertions(+), 0 deletions(-)

diff --git a/distrib/gitblit.properties b/distrib/gitblit.properties
index 1a5a61b..1562c51 100644
--- a/distrib/gitblit.properties
+++ b/distrib/gitblit.properties
@@ -69,6 +69,28 @@
 # SINCE 0.5.0
 git.enableGitServlet = true
 
+# If you want to restrict all git servlet access to those with valid X509 client
+# certificates then set this value to true.
+#
+# SINCE 1.2.0
+git.requiresClientCertificate = false
+
+# Enforce date checks on client certificates to ensure that they are not being
+# used prematurely and that they have not expired.
+#
+# SINCE 1.2.0
+git.enforceCertificateValidity = true
+
+# List of OIDs to extract from a client certificate DN to map a certificate to
+# an account username.
+#
+# e.g. git.certificateUsernameOIDs = CN
+# e.g. git.certificateUsernameOIDs = FirstName LastName
+#
+# SPACE-DELIMITED
+# SINCE 1.2.0
+git.certificateUsernameOIDs = CN
+
 # Only serve/display bare repositories.
 # If there are non-bare repositories in git.repositoriesFolder and this setting
 # is true, they will be excluded from the ui. 

--
Gitblit v1.9.1