From modperl-return-63147-apmail-perl-modperl-archive=perl.apache.org@perl.apache.org  Wed Feb  6 16:57:16 2013
Return-Path: <modperl-return-63147-apmail-perl-modperl-archive=perl.apache.org@perl.apache.org>
X-Original-To: apmail-perl-modperl-archive@www.apache.org
Delivered-To: apmail-perl-modperl-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 592C2E5A0
	for <apmail-perl-modperl-archive@www.apache.org>; Wed,  6 Feb 2013 16:57:16 +0000 (UTC)
Received: (qmail 62161 invoked by uid 500); 6 Feb 2013 16:57:15 -0000
Delivered-To: apmail-perl-modperl-archive@perl.apache.org
Received: (qmail 62116 invoked by uid 500); 6 Feb 2013 16:57:14 -0000
Mailing-List: contact modperl-help@perl.apache.org; run by ezmlm
Precedence: bulk
list-help: <mailto:modperl-help@perl.apache.org>
list-unsubscribe: <mailto:modperl-unsubscribe@perl.apache.org>
List-Post: <mailto:modperl@perl.apache.org>
List-Id: <modperl.perl.apache.org>
Delivered-To: mailing list modperl@perl.apache.org
Received: (qmail 62105 invoked by uid 99); 6 Feb 2013 16:57:14 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 06 Feb 2013 16:57:14 +0000
X-ASF-Spam-Status: No, hits=2.2 required=5.0
	tests=HTML_MESSAGE,NORMAL_HTTP_TO_IP,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (nike.apache.org: local policy)
Received: from [208.67.228.98] (HELO DC1EXCHANGE.nuspire.net) (208.67.228.98)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 06 Feb 2013 16:57:07 +0000
Received: from DC1EXCHANGE.nuspire.net ([::1]) by DC1EXCHANGE.nuspire.net
 ([::1]) with mapi id 14.01.0438.000; Wed, 6 Feb 2013 11:56:45 -0500
From: Timothy Gallagher <timothy.gallagher@nuspire.com>
To: "modperl@perl.apache.org" <modperl@perl.apache.org>
Subject: Question on how execution order of Mod_Persl 
Thread-Topic: Question on how execution order of Mod_Persl 
Thread-Index: Ac4EivG3ysoCk8a3TcOfTDRGXwCCIA==
Date: Wed, 6 Feb 2013 16:56:45 +0000
Message-ID: <D7EB9FCB1FC7B14286643FC9581AE9D20C572035@DC1EXCHANGE.nuspire.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [10.31.1.171]
Content-Type: multipart/related;
	boundary="_004_D7EB9FCB1FC7B14286643FC9581AE9D20C572035DC1EXCHANGEnusp_";
	type="multipart/alternative"
MIME-Version: 1.0
X-Virus-Checked: Checked by ClamAV on apache.org

--_004_D7EB9FCB1FC7B14286643FC9581AE9D20C572035DC1EXCHANGEnusp_
Content-Type: multipart/alternative;
	boundary="_000_D7EB9FCB1FC7B14286643FC9581AE9D20C572035DC1EXCHANGEnusp_"

--_000_D7EB9FCB1FC7B14286643FC9581AE9D20C572035DC1EXCHANGEnusp_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Hello all,
I have a question for you that I am needed some help/guidance on.  I am not=
 sure if this is a question for Apache, perl or mod_perl, I believe this is=
 the correct place to ask.  I am building a reverse proxy server that authe=
nticates a user via the client SSL certificate that is presented to Apache.

When a person connects to https:// alpha.dev.home.com/ssl, they are request=
ed to present a client SSL cert to the server.  Using Mod_Perl, I then get =
the client certificate information and do some internal processing to verif=
y the user. If the user is good, I want to then continue the request by act=
ing as a reverse proxy servers for internal apache servers.

I have all these processes working except not in the correct order.  Here i=
s the order that the items are happening.
A user will connect to https:// alpha.dev.home.com/ssl. The user is present=
ed with a request for a client certificate.  When the user presents the cer=
tificate, they are then allowed access to the backend (private apache web s=
erver). At the same time, mod_perl is processing their client SSL certifica=
te.

Am I able to have the dictate the order of how a request in apache with mod=
_perl I processed meaning

1.       Request comes in

2.       Customer needs to present a client SSL certificate

3.       Mod_perl takes the client certificate information and processes th=
e information for authentication

4.       Depending the outcome of the authentication process, allow the ses=
sion to continue or drop the connection.

Here is the code that I am using for testing
-----[Begin Apache Config]-----
<VirtualHost alpha.dev.home.com>
                # Get the required enviorment
                PerlRequire /opt/perlEngine/startup.pl
                # SSL Requirements
                SSLEngine on
                SSLProtocol +SSLv3 +TLSv1
                SSLCertificateFile /opt/certs/server/alpha@danati.home.com-=
cert.pem
                SSLCertificateKeyFile /opt/certs/server/alpha@danati.home.c=
om-key.pem
                SSLCACertificateFile /opt/certs/ca/BlackSands-Refereence-CA=
-cacert.pem
                SSLVerifyClient require
                SSLOptions +StdEnvVars +ExportCertData +FakeBasicAuth

                <Location /ssl>
                                SetHandler perl-script
                                PerlResponseHandler MyTest::SSLAuth
                                ProxyRequests off
                                ProxyPass /ssl http://10.10.10.100
                                ProxyPassReverse /ssl http://10.10.10.100
                </Location>
</VirtualHost>
-----[End Apache Config]-----


-----[Begin MyTest::SSLAuth ]-----

package MyTest::SSLAuth;
#use Apache2::ModSSL;
use Apache2::RequestRec ();
use Apache2::RequestIO ();
use Digest::SHA qw(sha256_hex);
use Apache2::Const -compile =3D> qw(OK);
use Data::Dumper;

sub handler {
                my $r =3D shift;
                $r->content_type('text/plain');
                my $c=3D$r->connection;
                my $cert =3D $r->subprocess_env('SSL_CLIENT_CERT');
                my $serial =3D $r->subprocess_env('SSL_CLIENT_M_SERIAL');
                my $dn =3D $r->subprocess_env('SSL_CLIENT_S_DN');
                my $sig =3D $r->subprocess_env('SSL_CLIENT_A_SIG');
                if($sig !=3D 89765479){
                                ....DoSomthing ......
                }
                return Apache::OK;
}
1;
-----[End MyTest::SSLAuth ]-----


Thank you,
Tim

Timothy F. Gallagher
Senior SAT Engineer
Nuspire Corporation
www.nuspire.com<http://www.nuspire.com>
[cid:image001.jpg@01CD97DA.7C4258C0]<http://nuspire.com/>


--_000_D7EB9FCB1FC7B14286643FC9581AE9D20C572035DC1EXCHANGEnusp_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:=
//www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
<meta name=3D"Generator" content=3D"Microsoft Word 12 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
	{font-family:Tahoma;
	panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
	{font-family:"Comic Sans MS";
	panose-1:3 15 7 2 3 3 2 2 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:11.0pt;
	font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
	{mso-style-priority:99;
	mso-style-link:"Balloon Text Char";
	margin:0in;
	margin-bottom:.0001pt;
	font-size:8.0pt;
	font-family:"Tahoma","sans-serif";}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
	{mso-style-priority:34;
	margin-top:0in;
	margin-right:0in;
	margin-bottom:0in;
	margin-left:.5in;
	margin-bottom:.0001pt;
	font-size:11.0pt;
	font-family:"Calibri","sans-serif";}
span.EmailStyle17
	{mso-style-type:personal-compose;
	font-family:"Calibri","sans-serif";
	color:windowtext;}
span.BalloonTextChar
	{mso-style-name:"Balloon Text Char";
	mso-style-priority:99;
	mso-style-link:"Balloon Text";
	font-family:"Tahoma","sans-serif";}
.MsoChpDefault
	{mso-style-type:export-only;}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
/* List Definitions */
@list l0
	{mso-list-id:1463039352;
	mso-list-type:hybrid;
	mso-list-template-ids:-2042959374 67698703 67698713 67698715 67698703 6769=
8713 67698715 67698703 67698713 67698715;}
@list l0:level1
	{mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;}
ol
	{margin-bottom:0in;}
ul
	{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"2050" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=3D"EN-US" link=3D"blue" vlink=3D"purple">
<div class=3D"WordSection1">
<p class=3D"MsoNormal">Hello all,<o:p></o:p></p>
<p class=3D"MsoNormal">I have a question for you that I am needed some help=
/guidance on.&nbsp; I am not sure if this is a question for Apache, perl or=
 mod_perl, I believe this is the correct place to ask.&nbsp; I am building =
a reverse proxy server that authenticates a
 user via the client SSL certificate that is presented to Apache.&nbsp; <o:=
p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">When a person connects to https:// alpha.dev.home.co=
m/ssl, they are requested to present a client SSL cert to the server.&nbsp;=
 Using Mod_Perl, I then get the client certificate information and do some =
internal processing to verify the user.
 If the user is good, I want to then continue the request by acting as a re=
verse proxy servers for internal apache servers.<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">I have all these processes working except not in the=
 correct order.&nbsp; Here is the order that the items are happening.<o:p><=
/o:p></p>
<p class=3D"MsoNormal">A user will connect to https:// alpha.dev.home.com/s=
sl. The user is presented with a request for a client certificate.&nbsp; Wh=
en the user presents the certificate, they are then allowed access to the b=
ackend (private apache web server). At
 the same time, mod_perl is processing their client SSL certificate.&nbsp; =
<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">Am I able to have the dictate the order of how a req=
uest in apache with mod_perl I processed meaning
<o:p></o:p></p>
<p class=3D"MsoListParagraph" style=3D"text-indent:-.25in;mso-list:l0 level=
1 lfo1"><![if !supportLists]><span style=3D"mso-list:Ignore">1.<span style=
=3D"font:7.0pt &quot;Times New Roman&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;
</span></span><![endif]>Request comes in <o:p></o:p></p>
<p class=3D"MsoListParagraph" style=3D"text-indent:-.25in;mso-list:l0 level=
1 lfo1"><![if !supportLists]><span style=3D"mso-list:Ignore">2.<span style=
=3D"font:7.0pt &quot;Times New Roman&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;
</span></span><![endif]>Customer needs to present a client SSL certificate<=
o:p></o:p></p>
<p class=3D"MsoListParagraph" style=3D"text-indent:-.25in;mso-list:l0 level=
1 lfo1"><![if !supportLists]><span style=3D"mso-list:Ignore">3.<span style=
=3D"font:7.0pt &quot;Times New Roman&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;
</span></span><![endif]>Mod_perl takes the client certificate information a=
nd processes the information for authentication<o:p></o:p></p>
<p class=3D"MsoListParagraph" style=3D"text-indent:-.25in;mso-list:l0 level=
1 lfo1"><![if !supportLists]><span style=3D"mso-list:Ignore">4.<span style=
=3D"font:7.0pt &quot;Times New Roman&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;
</span></span><![endif]>Depending the outcome of the authentication process=
, allow the session to continue or drop the connection.<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">Here is the code that I am using for testing<o:p></o=
:p></p>
<p class=3D"MsoNormal">-----[Begin Apache Config]-----<o:p></o:p></p>
<p class=3D"MsoNormal">&lt;VirtualHost alpha.dev.home.com&gt;<o:p></o:p></p=
>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; # Get the required enviorment<o:p></=
o:p></p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; PerlRequire /opt/perlEngine/startup.=
pl<o:p></o:p></p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; # SSL Requirements<o:p></o:p></p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; SSLEngine on<o:p></o:p></p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; SSLProtocol &#43;SSLv3 &#43;TLSv1<o:=
p></o:p></p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; SSLCertificateFile /opt/certs/server=
/alpha@danati.home.com-cert.pem<o:p></o:p></p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; SSLCertificateKeyFile /opt/certs/ser=
ver/alpha@danati.home.com-key.pem<o:p></o:p></p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; SSLCACertificateFile /opt/certs/ca/B=
lackSands-Refereence-CA-cacert.pem<o:p></o:p></p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; SSLVerifyClient require<o:p></o:p></=
p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; SSLOptions &#43;StdEnvVars &#43;Expo=
rtCertData &#43;FakeBasicAuth<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;Location /ssl&gt;<o:p></o:p></p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; SetHandler perl=
-script<o:p></o:p></p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; PerlResponseHan=
dler MyTest::SSLAuth<o:p></o:p></p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ProxyRequests o=
ff<o:p></o:p></p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ProxyPass /ssl =
http://10.10.10.100<o:p></o:p></p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ProxyPassRevers=
e /ssl http://10.10.10.100<o:p></o:p></p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;/Location&gt;<o:p></o:p></p>
<p class=3D"MsoNormal">&lt;/VirtualHost&gt;<o:p></o:p></p>
<p class=3D"MsoNormal">-----[End Apache Config]-----<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">-----[Begin MyTest::SSLAuth ]-----<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">package MyTest::SSLAuth;<o:p></o:p></p>
<p class=3D"MsoNormal">#use Apache2::ModSSL;<o:p></o:p></p>
<p class=3D"MsoNormal">use Apache2::RequestRec ();<o:p></o:p></p>
<p class=3D"MsoNormal">use Apache2::RequestIO ();<o:p></o:p></p>
<p class=3D"MsoNormal">use Digest::SHA qw(sha256_hex);<o:p></o:p></p>
<p class=3D"MsoNormal">use Apache2::Const -compile =3D&gt; qw(OK);<o:p></o:=
p></p>
<p class=3D"MsoNormal">use Data::Dumper;<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">sub handler {<o:p></o:p></p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; my $r =3D shift;<o:p></o:p></p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; $r-&gt;content_type('text/plain');<o=
:p></o:p></p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; my $c=3D$r-&gt;connection;<o:p></o:p=
></p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; my $cert =3D $r-&gt;subprocess_env('=
SSL_CLIENT_CERT');<o:p></o:p></p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; my $serial =3D $r-&gt;subprocess_env=
('SSL_CLIENT_M_SERIAL');<o:p></o:p></p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; my $dn =3D $r-&gt;subprocess_env('SS=
L_CLIENT_S_DN');<o:p></o:p></p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; my $sig =3D $r-&gt;subprocess_env('S=
SL_CLIENT_A_SIG');<o:p></o:p></p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if($sig !=3D 89765479){<o:p></o:p></=
p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ....DoSomthing =
......<o:p></o:p></p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<o:p></o:p></p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; return Apache::OK;<o:p></o:p></p>
<p class=3D"MsoNormal">}<o:p></o:p></p>
<p class=3D"MsoNormal">1;<o:p></o:p></p>
<p class=3D"MsoNormal">-----[End MyTest::SSLAuth ]-----<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">Thank you,<o:p></o:p></p>
<p class=3D"MsoNormal">Tim<o:p></o:p></p>
<p class=3D"MsoNormal"><span style=3D"font-size:10.0pt"><o:p>&nbsp;</o:p></=
span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:10.0pt;font-family:&quot;Co=
mic Sans MS&quot;">Timothy F. Gallagher<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:10.0pt;font-family:&quot;Co=
mic Sans MS&quot;">Senior SAT Engineer<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:10.0pt;font-family:&quot;Co=
mic Sans MS&quot;">Nuspire Corporation<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:10.0pt;font-family:&quot;Co=
mic Sans MS&quot;"><a href=3D"http://www.nuspire.com"><span style=3D"color:=
blue">www.nuspire.com</span></a></span><o:p></o:p></p>
<p class=3D"MsoNormal"><a href=3D"http://nuspire.com/"><span style=3D"color=
:#1F497D;text-decoration:none"><img border=3D"0" width=3D"180" height=3D"54=
" id=3D"Picture_x0020_1" src=3D"cid:image001.jpg@01CE0459.7E31DAC0" alt=3D"=
cid:image001.jpg@01CD97DA.7C4258C0"></span></a><o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
</body>
</html>

--_000_D7EB9FCB1FC7B14286643FC9581AE9D20C572035DC1EXCHANGEnusp_--

--_004_D7EB9FCB1FC7B14286643FC9581AE9D20C572035DC1EXCHANGEnusp_
Content-Type: image/jpeg; name="image001.jpg"
Content-Description: image001.jpg
Content-Disposition: inline; filename="image001.jpg"; size=5582;
	creation-date="Wed, 06 Feb 2013 16:56:45 GMT";
	modification-date="Wed, 06 Feb 2013 16:56:45 GMT"
Content-ID: <image001.jpg@01CE0459.7E31DAC0>
Content-Transfer-Encoding: base64

/9j/4QAYRXhpZgAASUkqAAgAAAAAAAAAAAAAAP/sABFEdWNreQABAAQAAAA8AAD/4QNtaHR0cDov
L25zLmFkb2JlLmNvbS94YXAvMS4wLwA8P3hwYWNrZXQgYmVnaW49Iu+7vyIgaWQ9Ilc1TTBNcENl
aGlIenJlU3pOVGN6a2M5ZCI/PiA8eDp4bXBtZXRhIHhtbG5zOng9ImFkb2JlOm5zOm1ldGEvIiB4
OnhtcHRrPSJBZG9iZSBYTVAgQ29yZSA1LjAtYzA2MCA2MS4xMzQ3NzcsIDIwMTAvMDIvMTItMTc6
MzI6MDAgICAgICAgICI+IDxyZGY6UkRGIHhtbG5zOnJkZj0iaHR0cDovL3d3dy53My5vcmcvMTk5
OS8wMi8yMi1yZGYtc3ludGF4LW5zIyI+IDxyZGY6RGVzY3JpcHRpb24gcmRmOmFib3V0PSIiIHht
bG5zOnhtcE1NPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvbW0vIiB4bWxuczpzdFJlZj0i
aHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wL3NUeXBlL1Jlc291cmNlUmVmIyIgeG1sbnM6eG1w
PSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvIiB4bXBNTTpPcmlnaW5hbERvY3VtZW50SUQ9
InhtcC5kaWQ6Nzg0M0I5REM1OUREREYxMUEwREFDNzE2RTRFMzVDQkQiIHhtcE1NOkRvY3VtZW50
SUQ9InhtcC5kaWQ6RjQzNERFOEJERERDMTFERjk3NURFMjMxRkJBQ0IxM0YiIHhtcE1NOkluc3Rh
bmNlSUQ9InhtcC5paWQ6RjQzNERFOEFERERDMTFERjk3NURFMjMxRkJBQ0IxM0YiIHhtcDpDcmVh
dG9yVG9vbD0iQWRvYmUgUGhvdG9zaG9wIENTNSBXaW5kb3dzIj4gPHhtcE1NOkRlcml2ZWRGcm9t
IHN0UmVmOmluc3RhbmNlSUQ9InhtcC5paWQ6Nzg0M0I5REM1OUREREYxMUEwREFDNzE2RTRFMzVD
QkQiIHN0UmVmOmRvY3VtZW50SUQ9InhtcC5kaWQ6Nzg0M0I5REM1OUREREYxMUEwREFDNzE2RTRF
MzVDQkQiLz4gPC9yZGY6RGVzY3JpcHRpb24+IDwvcmRmOlJERj4gPC94OnhtcG1ldGE+IDw/eHBh
Y2tldCBlbmQ9InIiPz7/7gAOQWRvYmUAZMAAAAAB/9sAhAAGBAQEBQQGBQUGCQYFBgkLCAYGCAsM
CgoLCgoMEAwMDAwMDBAMDg8QDw4MExMUFBMTHBsbGxwfHx8fHx8fHx8fAQcHBw0MDRgQEBgaFREV
Gh8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx//wAARCAA2
ALQDAREAAhEBAxEB/8QApgAAAgMBAQEAAAAAAAAAAAAAAAgFBgcEAwIBAQACAwEAAAAAAAAAAAAA
AAAFBgEDBAIQAAEDAgQDBQQFBwoHAAAAAAIBAwQRBQASBgchMRNBUSIUCGFxMhWBsVIjFpFCYnIz
ZRehweGCkrKzJGSkQ1PDtEUmGBEAAgEDAgMGBQQDAQAAAAAAAAECEQMEIQVxEhMxQVFhIiOBscFy
M5GCFBXRMkJi/9oADAMBAAIRAxEAPwBqcAGADABgAwAYAMAGADABgAwAYAMAGADACq+oLUG5ULc2
XHsNyvMa2pFjKDUByULCGoLmVEaXJVV54mcKFt2/UlU1Tm0zfNpJN0k7a6dfurr71xchgUp2Upk+
R8aq4p+KvvxG5KSuOnZU2RehbsaDIYAMAGADABgBYtP+qnVL+qIkO9w7ZDspSFCdLAJGdtka1Iau
Embh3Yl57dHlqq1NKuo4tV+rHV0mc8mlrdGg2tsqNvzAJ98kT840EhbCv2eNO/Hq3t0UvU9R1kTG
2vqlusy+RbTrKJGCNMcFlu6REJrpOGuUVebIjRQVVRFIVSndjXf29JVgZV1DCX+e9brFcbgyIk9D
ivPtidcqk02RohUotKpiMgqtI2sXrbf1La51Pray2KfbbazEuT3SfcYF9HBTpkfhzOknMe1MSd/A
hCDkm9DWrlWMniKNgrrXql18eqAtS2y1+XK4JDU8kjP01kdKv7WmbL7MS72+HLWr7DV1EMfqbUlp
01Ypl8uzvRgQg6jxImYl40ERHtIiVBRO/EXbtuckl2mxugsd89V2vp0429O2qJCiqq9AHW3JUlR7
yykAV9iDw71xLQ26CXqZq6pzQvVPulAlCN1gQJIIqKbDjDsZxR9hIa096iuPT2621o2OqMftxuJZ
deadC8WwSZMD6MyG4qK4w8iIqgqp8SUWol2p+TEVfsO3KjNkZJmcb5b5aq0DqmHabRCgyY8iEMoz
lC6poZOuBROm4CUoCdmOrExI3IttvtMSnQrV89WU9jTdrC2W+M/qWSwjtzdLqJDjuES0abDNncPL
RV8dE9vZthtycnV+kx1EVuyerHcONNE7tDgXGFmTrMNtnHdQe1ANDNEX9YVxunt0GtG0Y6gzmitZ
2TWOno98szinFfqJtnwcadH42nB40If6U4YiLtpwlys2J1Ml3b361Zo3W0ixW2DBfiNMMui5IF5X
Kuiqqi5HASn0YkMXBjchzNs5b2Q4Soavt/qGZqPRdnvk1ttqVcI4vPNsoqNiRV4DmUlp71xwX7ah
NxXcdFuXNFMwFj1Uavb1WNvuEC2MWhueseXJEJCuBGB5QM0+9VMyAleXPEk9ujy1TdaHjqoitQ+r
DXLt5ecscSFEtDZr5ZiS0brxtpyJ0kcGirzoPL249w26FNa1HWQwB7iM2PbeDq7WIBBffjMuvw41
TVX3xzAy0JLVSXuVeHGq0SuIzoc1xxhqbHKiqxfb76r9wZk0vkkCFbolV6LToHKfUf0yzANf1RxJ
w26CWrbNfVJfRfqzvIT24+sbcw5ANcrk6AJg61+kTJEaGidqCqL7+WPF3bVT0PUK6hkvnNq+UfOf
NN/Kuh5rzuZOl0MufqZvs5eOIrldad5tqIRBtC3LUUe3IuVZs0I+ZOadZ5Ar9GbFplpGvgiHV2ro
PdadK6dtNlbskC3sNWwG+ksbIKiY0ovUqnjUvzlLniryuSk6t6kwopKgjuv7HFs2tb/bIQdOLCnP
txQr8LaGqgP9VOGLNYblCLfeiIu3eWTQ614cN7b2c4a1Ny0ukS+0oyquK5Be4uP1JVv018hP9kWM
u6Wl1pyk/wDRPE/mL2pEbYu1mkPDitEqIPHY/wDfWlp/5gV/3eLS4+3+36EQr3q+I1PqOs1xum10
wYIE6UR9iVIaBFUiZaLx8E55c2ZfdiDwJJXVUkMmvJoLvtLujJ29ny32rYzcY89GxfzF03xRutOk
7Q6IubiKpx4Yl8nE6qWtKHBbyuU1O+brbJ7jxYkDV0SbbDYcRxqSQp4FoqEPXY6hoBdtRRMcMMS/
adYUZ0fyrc9Hoattzo7b/T9tck6MBtYlwQFdltPnIR3p1yqpEZpUcy8scF+7ck6T7UdVtRpWIv8A
6sW824FsX91h/wBw7iU21e2+Jz5E6SL36YtvrJH0kmqpUVuRdrg86Md9wUNWWGjVtBbr8KkQkpKn
Phjm3C8+flXYjbYVVU8vVDt/ZXdLhquJFbj3SE+01KebFB6zDxZKOU+IgNRUVXsqmG3Xnzcr7GYy
FRVK16SLxIZv18sal/lZMYJoh2I6yaNEqfrC4lfdjducPSpHjHuVbRA+pBuu6kxf9LF/uLjr21ey
uLI7PnS4MTs4lNrtNJ3Qg+tcQuZ+WXElcZ1toS28wzd1FcGgT7x2c+Ae8nyRPrxYoL0rgRsr2tBy
7PsvtzC03HssixRJiNgKSJTrQk+66iJmcV79oiqXcXDliuyy7jlWrJVWklQxf1XXZ9/U9nsQlSFB
h+a6KcE6r5kFfoBqie9cSW2W/S5eZx5d2kkiQ2G1XtFpHTHmLtPZj6lmuOLMNxl5xwGhJRabExbJ
EHKmZaLxVeOPGbYvTlovSjNjItpavUrHqBum2moZ1vvOk5TT1ycU2rqLLTjSGKIitOlnAEUkWo15
8u7G7Bt3Ypqa07jxkX4PWLPT8QXT/wCY/l/UXpfPPllarXy2TzmT3Z+FO7DpL+TX/wA1+g63tV86
FQ0nHpr6zL3XWMv+4HEheXtP7X8iGtXPcX3L5jx4qJaxJ92I+bcfUy9857Fsw17UeBV8u5S7LiNx
NbJzb99sUqR2kxFPasZUxWo/l/d9SxP8f7foKLtM4zB3G05JfMWmQlgJOEtBTOiglVXlxLFlzIVt
Sp4FexbtLqr4jo3K4wrbAfnznhYiRgVx501RBERTvXFVhFydF2lllJRVX2CNWgVf1ZBkUp1ri07T
9eQhfz4t040g+BVoXazXEdDWGt9OaShNS76+bLMg1aZyNOO5jRM2XwISJw78VaxjzuukSy3r8Lar
Iym26M2Q3RkXFyyRZFpnxlQ3iYyxlNHK/eCwquNqNefhTjiQndyMenNqjhhCxkV5dGUrcn09u6Ss
ci+xLwEyDHIEcYeb6T33hoCZVQiE1qXcmOrF3BXZKLjRnNlYTtxck9CS9LdyuLGqLnaRMltr8RZL
jP5ovNuAAmncqiaovfw7sed2trkUu+pna7rc3HuocHqpCuvbav7sD/Hdxja17b4m3cJ0muBonpl1
Rb5mh/kCvCNxtTztY6qiGTDxq4Lgp2pmNRXu+nHHudlxuc3czpwbylCneg9TmooETQo2NXRW4XSQ
0oMIqZkZZPqG4qdg5hQfpw2y03c5u5DOuqMKd7KP6UrO+epr1dsq+XjQxi5+zqPuIdP7LWOrdZUi
l5mjb3zSbIn1ENZtzpa/6WN/cx1bWvZXFkfukqXRgdokptpp1O6GH1riDzfzS4k5hv2o8BSPKoWu
aLyW7cfplYstPb/b9CvdT3PiPNioFqFh9UVneDWluuWVehLgi0J9mdhw8w/2XBxYNpknba8GQW6V
jNPxRJbObUbZ6w0kEqe285eozjjVwbCQYU8Sq0WRF4CTdOPei4152VdtTov9e7Q24Vi3dhV/7Hdr
Hb70/aQnxYN6Cc2/LAnBRp553IAqiZjQVzJmXlw7Fx4sX8m6m400Pd+3j2mlKpM/I9iv4Z9Pzb34
Q+Z+Y62aTn890enl+Dqfs+ylK41c2R1ez108uw9+x0u30V8+0p1i2P3Ah6pt9wfgtDGjzmZDpJIa
VUbB5DVaIteSYkbu42XbaT1p4EVa22+ribWlV3oZbFaLOLhrrZTXt31febnChNORJklx1g1faFVE
uSqirVMWPG3CzC3GLeqXgVvK2+9O65JaN+KGFt8Ym7XGjPimYGAbdDmlUBBJMV6brJtFhgqRSfgL
lrb0+akg3N97TrKXG1OmpstCYi80KrXIQmooSDyRUXFixt0tyjSekiuZW13IyrD1RPaxbM7m6gVi
LqSbIg2VlUq3JkK+WUexplDMUXuUqUxi7n2LesEnLgerOBkXNJtqPE8i2H1nG1YkiDAbS0MT0cjE
UhtS8uDyECqirmrkTGf7K07dG/VTw7zH9beVyqXpr49xvmsNJWrVdhfs1yFei7Qm3RpnadH4HAr2
p/KnDEDYvytTUkT9+xG7BxYvk7Y7czTly81YTWV01XozYLyMPZV+0JEBJ7URVTFghuNi5Gk9PJor
s9uyLcqw14M+JO2m9mpnG2bwkp1oFqJXCUKtAvLNlzmv5BxlZeLb1jT4Iw8TLu6Sr8WbPtZtfC0P
b3lJ0Zd3mU83KFMooI/C02i8cqLxr2r9GIXNzHefhFE3hYasx8ZMxv1QNZtc25f3aH+O7iU2he2/
u/wR26ypcXD/ACRdh2X1FdtF2vVmlZJfMz6wyYnU6DlW3jBDYdqKcRFKiqp7+zGy7mwhccJrQ8Ws
ScranB6njA2L3UvlzrcohxlNUR+4T3xNUTv4E44dOymMyz7EFo6+SMRwr03qv1GT0BoW1aL081aL
fVwq9WXKJKG88SIhGqcaJwoKdiYgMjIldlzMnbFhW48qMs3b2n1pqTWr91tURt6G4yy2Jk82C5gG
heElRcS2BnWrdpRk9SG3DBu3LvNFaGsaAtE6zaMtFrngjcyJHFp8BJCRCSvIk4LiKyrinclJdjZL
4ttwtxi+1IwYdjtwU1Ok/wAi15ZJ/mM3mGq9Pr560rX4cTv9jZ6dK608CB/rr/U5qaV8UMxitFmK
1r/Qlr1nYitk1VZdAurDliiKTTqJStF5iqcCTtx04uTKzPmRzZWMr0OVmAvbM7rabuBPWYXHCSoh
Nt0hGyIfaik2ae6mJ5Z+PcXq/Ror8sDJtv0/qme1q2K3E1Dc/M38lhA4tZE2Y6j75In2RQjJV7sy
omMXNysW40hr5I9W9tv3JVnpxN3/AId6Z/BX4P8ALr8p6XT5/eZ65+tm/wCZn8Ve/wBmIL+VPqdT
/onv4sOn0/8Aks2OY6QwAYAMAGADABgAwAYAMAGAFv8AUlEee1pAIGyNEtwJURVU/bO92LHs9Ok/
u+iK1vNeqvt+rNO2RVYu1lvJwCTpLKMhVKLRH3F5LiL3P87+HyJXa/wL4/M6om7FpkN2+UttnNW2
4ujGC4ONgjQvEqigLQ1VeXFUSmOGhIHVdtyLbAnTY7UCZOj2tUS6zYwCTUdVStCqQqSinEsqcMKA
4Z2vbiOu4FrhRHpVqfhpIFWQFSeV2ig8JESfdAi0XlxwoDrPdLTwW20TzbfELvIKM22qDnaNs8hq
74uCCqpyrhQHRM3FsUP5uT4PI1Z3m4rjgihdaQ6lUZZRFqRJ21phQBa9wIUqU/BmwJdquLMcpYRJ
YCJOsgiqpNqJKiqlOKYUBWtQ7lSLpou43CxxZ0AW2mnGbo4AC3nV8GzaBalmJELswoCywde2t7zy
ADr0O0R0cuN0FBWOhiGYmwVFzGaduVMKA+rBrkbvKjNJaJ0WPNBXYc1wANkxFK+MmiPpqqckLGAW
fABgAwAYAMAGADABgAwAYAMAGADAHhcERYElK0q0fFeSeFe7AGRpGa/hPpZvzbOULoyqPUdyEvXd
8I/d56+8UTGQRt/+VxdRajBlI1xCVJMnHZBT2QiO/wDGB4GQQHQ50VFxkFnbHpa50u7ZCjSQWzi0
kerzSJFVzi82piXBE+ESLN9eMAq9yt9gW7aiV+5tDbDGb8kHI/QJhONK/SjdPA4gj4VXnwwBIhb4
a7fsAd0bG+jfEddddbfVs7mhLRhz7tDSoU8WWlcAS0kbnL1gzK1KUa2z27ZLbtduYJx9XKtl1nXH
EDIIilaJWuAORyO1/AJpkZLWTpj/AJmjvTr5uvLJ1OfD4MO8Hto2PFaG8fheVHkaWfiJ1/OC8jMe
aDVCzI6IdRsx4uUXhgCE0GkSVrG3rZ0bt3llNbn5A5j8WV4VSgiTXSbGvHxH7sGDb8YB/9k=

--_004_D7EB9FCB1FC7B14286643FC9581AE9D20C572035DC1EXCHANGEnusp_--