httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sean Conner <...@conman.org>
Subject Re: [users@httpd] can it log who login the site with certificate in apache?
Date Thu, 30 Apr 2009 08:53:03 GMT
It was thus said that the Great Buddy wu once stated:
> when setup apache using ssl, and require a client certificate to login,
> then in apache's logfile. can log the user who access the website with
> certificate? and which certificate he use, like name, email etc.thanks alog

  In my Apache config file, I defined the following:

LogFormat "%h %l \"%{SSL_CLIENT_S_DN}x\" %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""
sslcombined

And in the configuration for the secure site:

<VirtualHost 66.252.224.242:443>
  ServerName            secure.conman.org
  CustomLog             /home/spc/web/logs/s-secure.conman.org sslcombined

  ...

</VirtualHost>

  You may want to play around with what you log.  Some examples:
	
	SSL_CLIENT_S_DN
	SSL_CLIENT_S_DN_C
	SSL_CLIENT_S_DN_ST
	SSL_CLIENT_S_DN_L
	SSL_CLIENT_S_DN_O
	SSL_CLIENT_S_DN_OU
	SSL_CLIENT_S_DN_CN

  But it really depends upon the fields defined for the certificate.

  -spc


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message