httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Plüm, Rüdiger, VF-Group" <ruediger.pl...@vodafone.com>
Subject RE: mod_ssl: inserting cert parameters into headers
Date Fri, 19 Nov 2010 13:19:54 GMT
 

> -----Original Message-----
> From: Graham Leggett 
> Sent: Freitag, 19. November 2010 14:00
> To: dev@httpd.apache.org
> Subject: mod_ssl: inserting cert parameters into headers
> 
> Hi all,
> 
> For a while we've been relying on our load balancers to 
> terminate SSL  
> for us, and place details of client certs into HTTP headers before  
> passing a connection backwards (through a further SSL protected  
> connection).
> 
> We're in a situation where we want to use httpd instead of a load  
> balancer for this, and I've noticed that we can't place cert  
> parameters into headers like the load balancer can, but are rather  
> limited to placing the information into the CGI environment only.
> 
> Being extensible, ideally we should have a hook which is called that  
> takes the SSL parameters, and then offer default 
> implementations that  
> insert the information into the CGI environment, and insert the  
> information into the request headers, or any other possible  
> implementation as the admin requires it in some external module.
> 
> Most specifically, if SSLOptions +StdEnvVars is specified, the hook  
> gets called with the data, and an implementation writes them to the  
> subprocess environment, or headers_in, as appropriate (and as  
> configured).

Does 

RequestHeader add some_header %{SSL_ENVIRONMENT_VARIABLE}s

not work for you?

Regards

Rüdiger


Mime
View raw message