httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Orton <jor...@redhat.com>
Subject Re: SSL_CLIENT_S_DN and proxy
Date Wed, 12 May 2004 13:27:38 GMT
On Wed, May 12, 2004 at 01:09:03PM +0200, Marc Stern wrote:
> When using Apache as a proxy:
>   ( brower  --https-->  Apache + mod_proxy  --https-->  Web server )
> the Web server never receives the user's certificate info, because only the
> proxy is seen by the Web server. That means that all headers SSL_CLIENT_*
> contain the proxy certificate info, not the user certificate info.
> 
> Is there a way to get the user's certificate info ?

On the proxy use, e.g.:

SSLOptions +StdEnvVars
RequestHeader set X-Foo %{SSL_CLIENT_S_DN}e

and the client DN is passed through to the backend in the X-Foo header.

joe

Mime
View raw message