Plugin Directory

!This plugin hasn’t been updated in over 2 years. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.

Client Certificate Authentication

Authenticating with a SSL Client Certificate by using the email address. Optionally, new accounts can be created with the name from the certificate.

How should I set up client certificate authentication?

This depends on your hosting environment and your means of authentication. The plugin uses the $_SERVER environment variables SSL_CLIENT_S_DN_Email (beginning with) for the email address and SSL_CLIENT_S_DN_CN for the name. A working example is given below:

In Apache HTTP (non-HTTPS) config add:

RewriteEngine On
RewriteRule ^/(wp-(admin|login\.php).*) https://%{HTTP_HOST}/$1

In Apache HTTPS config:

<Location /wp-login.php>
    SSLVerifyClient optional
    <IfModule mod_rewrite.c>
        RewriteEngine   on
        RewriteCond  %{HTTP_USER_AGENT}  .*Safari.*
        RewriteCond  %{SSL:SSL_CLIENT_VERIFY} !=SUCCESS
        RewriteRule  .* /wp-admin [redirect,last]
<Location /wp-admin>
    SSLVerifyClient require

Also make sure to set SSLCACertificatePath and enable CRL checks.

Requires: 3.1 or higher
Compatible up to: 3.5.2
Last Updated: 2 years ago
Active Installs: 40+


5 out of 5 stars


Got something to say? Need help?


Not enough data

0 people say it works.
0 people say it's broken.

100,1,1 100,1,1