tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tapio Niemi <tapio.ni...@necora.fi>
Subject Adding SSL information into access log
Date Fri, 28 Oct 2011 12:31:23 GMT
Hi,

How do I configure Tomcat to put certain information related to SSL 
request into access log? In particular, I need to log the client 
certificate's O, OU, and CN fields, or if that's not possible, at least 
the serial number of the certificate.

For example, in Apache httpd I can do:

LogFormat "%h %{SSL_CLIENT_M_SERIAL}x %{SSL_PROTOCOL}x %{SSL_CIPHER}x"

I already tried:
pattern="%{SSL_CLIENT_M_SERIAL}r %h %l %u %t &quot;%r&quot; %s %b"
on access log valce configuration, which caused server not to start, and
pattern="%{CLIENT_AUTH}r %h %l %u %t &quot;%r&quot; %s %b",
which just causes "-" to appear on the log.
Also tried %{SSL_CLIENT_M_SERIAL}x and s with varying results.

I've been searching FAQ, Howtos, Access Log Valve reference and even 
some of the javadocs for answer to no avail without direct answer, only 
being able to make guesses how this would work. I'm running Tomcat 
7.0.22 configured to require client certificate authentication, which 
itself is working fine.

Thanks in advance!

-Tapio Niemi

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message