Hi, I’m doing that, but I’m only seeing:
UNIQUE_ID=YP9xAZOmSQReVqTcpfpviwAAAAA SSL_TLS_SNI=... GATEWAY_INTERFACE=CGI/1.1 SERVER_PROTOCOL=HTTP/1.1 REQUEST_METHOD=POST QUERY_STRING= REQUEST_URI=/enrollment/requestEnrollment SCRIPT_NAME=/enrollment PATH_INFO=/requestEnrollment PATH_TRANSLATED=/var/www/html/requestEnrollment HTTP_HOST=... HTTP_ACCEPT_ENCODING=identity CONTENT_LENGTH=2182 CONTENT_TYPE=multipart/form-data; boundary=45462e42764e55dee1dcc972b3e274b5 HTTP_USER_AGENT=python-urllib3/1.26.4 SERVER_SIGNATURE= SERVER_SOFTWARE=Apache/2.4.48 () OpenSSL/1.0.2k-fips mod_wsgi/3.4 Python/3.7.10 SERVER_NAME=... SERVER_ADDR=... SERVER_PORT=443 REMOTE_ADDR=... DOCUMENT_ROOT=/var/www/html REQUEST_SCHEME=https CONTEXT_PREFIX= CONTEXT_DOCUMENT_ROOT=/var/www/html SERVER_ADMIN=root@localhost SCRIPT_FILENAME=/var/www/scripts/enrollment.wsgi REMOTE_PORT=54857 mod_wsgi.process_group= mod_wsgi.application_group= mod_wsgi.callable_object=application mod_wsgi.request_handler=wsgi-script mod_wsgi.handler_script= mod_wsgi.script_reloading=1 mod_wsgi.listener_host= mod_wsgi.listener_port=443 mod_wsgi.input_chunked=0 mod_wsgi.enable_sendfile=0 mod_wsgi.queue_start=1627353345662030 wsgi.version=(1, 0) wsgi.multithread=False wsgi.multiprocess=True wsgi.run_once=False wsgi.url_scheme=https wsgi.errors=<_io.TextIOWrapper encoding='utf-8'> wsgi.input=<mod_wsgi.Input object at 0x7f4bc43e5770> wsgi.file_wrapper=<built-in method file_wrapper of mod_wsgi.Adapter object at 0x7f4bb03ad2b0> mod_wsgi.version=(3, 4) werkzeug.request=<Request 'https://.../enrollment/requestEnrollment' [POST]> So the +ExportCertData doesn’t seem to be doing anything. What am I missing? -Philip > On Jul 27, 2021, at 12:01 AM, Graham Dumpleton <[email protected]> > wrote: > > They are not passed as environment variables to the process. They are passed > in the WSGI environ dictionary. > > So don't use os.environ if that is what you are doing, you need to access > them from the Flask request environ. > > https://flask.palletsprojects.com/en/2.0.x/api/?highlight=environ#flask.Request.environ > > Graham > >> On 27 Jul 2021, at 3:19 pm, 'Philip Prindeville' via modwsgi >> <[email protected]> wrote: >> >> Hi, >> >> I’m using mod_wsgi 3.4, Python 3.7, Apache 2.4.48, and Flask 2.0.1 in my >> production environment. >> >> This is on Amazon Linux 2. >> >> I’m trying to figure out why the various SSL_* environment variables aren’t >> present when my script runs, even though I have: >> >> SSLOptions +StdEnvVars -FakeBasicAuth +ExportCertData +StrictRequire >> … >> SSLVerifyClient require >> SSLVerifyDepth 5 >> … >> >> Looking at the sources, the configure.ac file looks pretty trivial, so I >> don’t think it was built by Amazon with anything disabled. >> >> I’m trying to do authentication based on both Apache’s built-in certificate >> verification but also on the subject DN as an identity and attribute/value >> pairs. >> >> I couldn’t find any documentation on mod_ssl integration or debugging >> issues, other than mod_ssl needed to be loaded by mod_wsgi, which is the >> case in Amazon Linux 2. >> >> Can you please point me to any documentation about using SSL with mod_wsgi? >> >> Thanks, >> >> -Philip >> >> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "modwsgi" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/modwsgi/90FF96C3-B45F-4F61-9901-A5B97B1B35AF%40truepic.com. > > > -- > You received this message because you are subscribed to the Google Groups > "modwsgi" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/modwsgi/0443D3CE-F9D3-4776-BFC3-6D29615EE850%40gmail.com. -- You received this message because you are subscribed to the Google Groups "modwsgi" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/modwsgi/B4881F3C-94CF-4DC9-A6B6-09BD219743D3%40truepic.com.
