Willy, Thanks for you help. Your suggestion worked! What tripped me was the lack of an example involving ssl_c_sha1 in the documentation. The easiest way to improve would be to the line you sent me to the list of other SSL examples.
Thanks, ‹aydan On 5/28/14, 5:47 PM, "Willy Tarreau" <[email protected]> wrote: >Hi, > >On Wed, May 28, 2014 at 08:47:11PM +0000, Yumerefendi, Aydan wrote: >> Hi, >> >> I am trying to extract the sha1 hash of the client certificate and to >>pass it >> to the backend server. My configuration has this line: >> >> http-request set-header X-SSL-Client-SHA1 %{+Q}[ssl_c_sha1] >> >> However, this does not seem to produce a string of the form "aabbcc..." >>as >> the examples I've seen on the web. Instead, it appears to write the raw >>sha1 >> hash bytes. The downstream server, node.js, appears to treat these >>value as >> utf8 strings. > >Indeed, the doc says it's binary, so if you want it in hex, you just need >to >chain the hex converter : > > http-request set-header X-SSL-Client-SHA1 >%{+Q}[ssl_c_sha1,hex] > >The binary form is more suited to stick tables for example as it takes >half >of the space. > >Do you think we could improve the doc one way or another to make this >easier >to find ? Maybe with more examples ? Do not hesitate to suggest >adaptations >or even patches! > >Regards, >Willy >
