On Thu, Jun 30, 2022 at 2:54 AM Graham Leggett <minf...@sharp.fm> wrote: > > I added this to httpd a while back: > > SSL_CLIENT_CERT_RFC4523_CEA > > It would be good to interoperate.
What kind of interoperation did you have in mind? Are there existing tools that want to scrape this information for observability? I think the CEA syntax might not be a good fit for this particular patch: first, we haven't actually verified the certificate, so no one should be using it to assert certificate equality (and I'm truncating the Issuer anyway, to avoid letting someone flood the logs). Second, this is designed to be human-readable rather than machine-readable. Thanks, --Jacob
