httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Orton <>
Subject Re: [users@httpd] Forwarding client Certficates from mod_ssl to a distant mod_jk through HTTPHeaders.
Date Fri, 06 Feb 2004 09:50:24 GMT
On Tue, Feb 03, 2004 at 01:56:08PM +0100, wrote:
> But the main issue is about storing a client certificate in a HTTP 
> header : When mod_ssl writes the certificate as an environment 
> variable, it produces a multi-line output and the RequestHeader 
> directive isn't able to transfer it into a correct multi-line HTTP 
> header.

> I saw in the httpd-dev mailing-list archive that there was a patch in 
> apache 2.0 submitted, but it does not seem to have been integrated 
> (

Hi - I looked at the solution Maik presented, it does seem a little like
overkill.  After all: the SSL_CLIENT_CERT variable is already a base64
representation of the certificate.

I wonder whether the simplest fix would be to change mod_headers to
handle multi-line env.vars correctly; either by sending them over
multiple lines correctly, or by flattening them on to a single line.

Another alternative would be to extend mod_ssl to produce a single-line
equivalent of SSL_CLIENT_CERT directly. (just directly converting the
DER cert into a base64 string without the PEM wrapping)

Would both of those work for whatever you do with the cert the other



The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message