httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Scott Kirby <>
Subject [users@httpd] mod_ssl support for SAN variables of URI type
Date Sun, 03 Mar 2019 17:09:29 GMT
Hi folks,

First time posting to the list, so be gentle if I'm off-base here, but here goes: it appears
as though mod_ssl doesn't currently provide variables for certain client certificate SAN formats.
 It appears to currently support DNS, email, and otherName.  I am working on a project that
requires certificate policy filtering based on client SAN in URI format.  The details can
be found here:

Looking at the source code in the mod_ssl git hub repository, it appears as though this functionality
(providing access to a SSL_CLIENT_SAN_URI_n variable type) is well within reach (seems like
adding it to the switch clause with the other AI5 strings in ss_util_ssl.c and exporting it
as a variable in ssl_engine_vars.c would do the trick), but has simply not been implemented

With that said, I'm wondering what the appropriate action is for me to initiate this enhancement?
Is this something I should create a Bugzilla entry for?  Thanks in advance,

Scott Kirby
Interoperability Developer
PCC - Physicians Computer Company

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message