httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <oh...@cox.net>
Subject [users@httpd] Possible to add edited version of SSL_CLIENT_CERT variable to request header?
Date Wed, 04 Apr 2012 22:27:09 GMT
Hi, 
 
I am using Apache (2.2.x) as a proxy.  The Apache is enabled for 2-way/client-authenticated
SSL. 
 
In one situation (in a specific <Location> section), I need to be able to pass the PEM
of the client certificate to the proxied server, with a specific HTTP header name. 
 
I've actually been able to pass the raw PEM as an HTTP header using just the RequestHeader
directive: 
 
RequestHeader    set   "my_ssl_client_cert"    "%{SSL_CLIENT_CERT}e" 
 
But, that raw PEM has the "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" strings
before and after the actual certificate PEM. 
 
I've been trying to figure out how to get just the certificate PEM into the HTTP header for
awhile, mostly using SetEnvIfNoCase, but when I try that, I always end  up with an empty string
or null in the header. 
 
Given that I seem to be able to get the PEM from the SSL_CLIENT_CERT envvar, it seems like
there SHOULD be a way to get that into a request header, but I haven't been able to do that
yet, and am truly stumped, so I was hoping that someone here might know how to do that? 
 
Thanks in advance, 
Jim 

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message