PHPackages ingria/laravel-x509-auth - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. ingria/laravel-x509-auth ActiveLibrary[Authentication & Authorization](/categories/authentication) ingria/laravel-x509-auth ======================== Laravel 5 Client Certificate auth middleware v1.1.0(8y ago)375.6k11MITPHPPHP >=7.0.0 Since Oct 6Pushed 8y ago2 watchersCompare [ Source](https://github.com/ingria/laravel-x509-auth)[ Packagist](https://packagist.org/packages/ingria/laravel-x509-auth)[ RSS](/packages/ingria-laravel-x509-auth/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (2)DependenciesVersions (3)Used By (0) Client certificate authentication middleware for Laravel 5 ========================================================== [](#client-certificate-authentication-middleware-for-laravel-5) Also known as X.509 client authentication. ### How does it work [](#how-does-it-work) 1. You have a user in your app. For example, `Admin:admin@yourapp.tld` 2. You generate a certificate for that user. Make sure you're using `admin@yourapp.tld` for certificate's `emailAddress` field. 3. This package allows `Admin` to use your app without ever logging in. 4. All users including `Admin` can still use plain password auth. > **Pro tip**: you can also [use any other certificate attributes](https://github.com/ingria/laravel-x509-auth/wiki/Using-other-cert-attributes) for authentication, not only `emailAddress` (like `id` or `username`). I don't think you need this package in that case, but anyway 🤷. Prerequisites ------------- [](#prerequisites) Please don't blindly copy-paste the commands. It's important for you to know what you're doing. ### 1. Generate CA and Client certificate [](#1-generate-ca-and-client-certificate) Generating Certificate Authority: ``` openssl genrsa -out ca.key 2048 openssl req -new -x509 -days 3650 -key ca.key -out ca.crt ``` Generating client certificate and signing it with your CA. When asked for the email, enter email of your app's user which will be autheticated with this certificate. ``` openssl req -new -utf8 -nameopt multiline,utf8 -newkey rsa:2048 -nodes -keyout client.key -out client.csr openssl x509 -req -days 3650 -in client.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out client.crt ``` Optionally, generate a PKCS certificate to be installed into the browser, mobile or whatever: ``` openssl pkcs12 -export -clcerts -in client.crt -inkey client.key -out client.p12 ``` ### 2. Configure your web-server [](#2-configure-your-web-server) This example is for NGINX with FastCGI. ``` server { ... ssl_client_certificate /etc/nginx/certs/Your_CA_Public_Key.crt; ssl_verify_client optional; location ~ \.php$ { ... fastcgi_param SSL_CLIENT_VERIFY $ssl_client_verify; fastcgi_param SSL_CLIENT_S_DN $ssl_client_s_dn; } } ``` You can also add pass some other useful params, see resources below. #### Resources [](#resources) - [NGINX docs on ssl\_verify\_client](https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_verify_client) - [NGINX docs on SSL module variables](https://nginx.org/en/docs/http/ngx_http_ssl_module.html#var_ssl_client_verify) Installation ------------ [](#installation) ### 1. Install the package [](#1-install-the-package) This assumes that you have composer installed globally: ``` composer require ingria/laravel-x509-auth ``` ### 2. Register middleware [](#2-register-middleware) Add `\Ingria\LaravelX509Auth\Middleware\AuthenticateWithClientCertificate::class` to your `routeMiddleware` array in `app/Http/Kernel.php`. For example, you can call it `auth.x509`, by analogy with Laravel's `auth.basic` name: ``` // app/Http/Kernel.php ... protected $routeMiddleware = [ // a whole bunch of middlewares... 'auth.x509' => \Ingria\LaravelX509Auth\Middleware\AuthenticateWithClientCertificate::class, ]; ``` #### Resources [](#resources-1) - [Laravel docs on registering a middleware](https://laravel.com/docs/5.5/middleware#registering-middleware) Usage ----- [](#usage) Just add the middleware's name to any route or controller instead of default `auth`. For example: ``` // routes/web.php Route::get('/', 'YourController@method')->middleware('auth.x509'); ``` #### Resources [](#resources-2) - [Laravel docs on assigning a middleware](https://laravel.com/docs/5.5/middleware#assigning-middleware-to-routes) - [Laravel docs on protecting routes](https://laravel.com/docs/5.5/authentication#protecting-routes) License ------- [](#license) The MIT License (MIT). Please see [License File](LICENSE.md) for more information. ### Health Score 35 — LowBetter than 79% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity34 Limited adoption so far Community12 Small or concentrated contributor base Maturity59 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~73 days Total 2 Last Release 3067d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/a660e98804e315e4abc1dda305d0f676250d80a7064a95bafd35c8229970d3b7?d=identicon)[ingria](/maintainers/ingria) --- Top Contributors [![ingria](https://avatars.githubusercontent.com/u/2178368?v=4)](https://github.com/ingria "ingria (2 commits)") --- Tags authenticationclient-certificatelaravelmiddlewarex509laravelx509authcertificate ### Embed Badge ![Health badge](/badges/ingria-laravel-x509-auth/health.svg) ``` [![Health](https://phpackages.com/badges/ingria-laravel-x509-auth/health.svg)](https://phpackages.com/packages/ingria-laravel-x509-auth) ``` ### Alternatives [orchestra/auth Auth Component for Orchestra Platform 24108.5k3](/packages/orchestra-auth)[codebot/entrust This package provides a flexible way to add Role-based Permissions to Laravel 1596.6k](/packages/codebot-entrust)[setiawanhu/sanctum-auth Laravel package for generating user authentication feature using Laravel Sanctum 132.8k](/packages/setiawanhu-sanctum-auth) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)