httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tom Evans <>
Subject Re: [users@httpd] mod_ssl, client certificates and r->username
Date Fri, 21 Jan 2011 11:11:11 GMT
On Fri, Jan 21, 2011 at 11:07 AM, Martin Kuba <> wrote:
> Hi Tom,
> the normal access log does not contain SSL information. If you want it,
> create a special log using the directive CustomLog, i.e.
> CustomLog "|/usr/bin/cronolog /var/log/apache2/%Y/%m/%d/ssl_request.log"
> "%v:%p %h %l %u %t \"%r\" %>s %b \"%{User-Agent}i\"

Ah, see that's the thing - they can also authenticate in other ways, I
was slightly simplifying the situation. I was hoping that I could get
the same user information into the access logs regardless of how they

> See  for
> details.
> By the way, I suggest you to replace the "SSLVerifyClient require" with
> SSLVerifyClient optional
> ErrorDocument 403 /certneedederror.html
> The big advantage is that when something goes wrong, the user will get
> a web page with a nice error message you have written, instead of some weird
> browser popup dialog window with an internal SSL error code.

Yes, that is much better! Thanks :)



The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message