httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ruediger Pluem <rpl...@apache.org>
Subject Re: mod_ssl: querying any certificate in the chain
Date Tue, 14 Jan 2014 19:41:14 GMT


Graham Leggett wrote:
> Hi all,
> 
> https://httpd.apache.org/docs/trunk/mod/mod_ssl.html#envvars described how we might query
many of the parameters in the current certificate, however I have a need to query parameters
in parent certificates in the chain, not just the primary certificate.
> 
> Most specifically, I am after the DN of the root certificate in the chain, which in the
past was the issuer in the client certificate, but in an environment with intermediate certs
this is no longer valid.
> 
> Would a syntax like this make some sense?
> 
> SSL_CLIENT_S_DN_n - Give me the subject DN of the nth certificate in the chain.
> SSL_CLIENT_S_DN_x509_n - Give me the element of the subject DN of the nth certificate
in the chain.

+1

Regards

RĂ¼diger


Mime
View raw message