> -----Original Message-----
> From: Graham Leggett
> Sent: Freitag, 19. November 2010 14:00
> To: [email protected]
> Subject: mod_ssl: inserting cert parameters into headers
>
> Hi all,
>
> For a while we've been relying on our load balancers to
> terminate SSL
> for us, and place details of client certs into HTTP headers before
> passing a connection backwards (through a further SSL protected
> connection).
>
> We're in a situation where we want to use httpd instead of a load
> balancer for this, and I've noticed that we can't place cert
> parameters into headers like the load balancer can, but are rather
> limited to placing the information into the CGI environment only.
>
> Being extensible, ideally we should have a hook which is called that
> takes the SSL parameters, and then offer default
> implementations that
> insert the information into the CGI environment, and insert the
> information into the request headers, or any other possible
> implementation as the admin requires it in some external module.
>
> Most specifically, if SSLOptions +StdEnvVars is specified, the hook
> gets called with the data, and an implementation writes them to the
> subprocess environment, or headers_in, as appropriate (and as
> configured).
Does
RequestHeader add some_header %{SSL_ENVIRONMENT_VARIABLE}s
not work for you?
Regards
Rüdiger
