Hi, I have an Apache1 webserver running under Linux with mod_ssl and PHP5.0.4 (debian dotdeb backport).
I have users logging in via SSL, presenting a client certificate: SSLVerifyClient require SSLCACertificateFile path/to/CAcert.crt .. and everything works at this point. My question is how to retrieve any kind of information regarding the current SSL connection with PHP, thereby being able to identify the different clients uniquely (I'm not interested in who they are, just to be able to store and present different information for the users). This might be based on the serial in the client certificate. A phpinfo() only shows that $_SERVER['HTTPS'] has been set to "on". The mod_ssl-refrence shows though that a lot of other environment variables should be present: http://www.modssl.org/docs/2.1/ssl_reference.html#ToC23 .. but I can't seem to retrieve this information anywhere. I haven't tried apache_getenv() since I'm not running Apache2. I don't know if variables such as SSL_CLIENT_M_SERIAL are available here. I have searched the web, in php.general and comp.lang.php without success. The closest info was a reply from Christ Shiflett: http://marc.theaimsgroup.com/?l=php-general&m=103828683828825&w=2 Notice that it is my own site that is running under SSL. I am not trying to connect to a SSL-enabled site using PHP; my users are connecting to my site (with their browsers and certificates). I don't think the openssl functions could be helpful here. -- - Peter Brodersen -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
