Hi Mattias, Maybe I was misunderstanding the man page. I reread it, and indeed, I see the statement that you wrote below.
But does that mean that if the certificate is on the server, there is no way to determine which cipher the client used? Furthermore, is there any way to get additional information in the X- headers? It would be nice to have X-forwarded-proto for instance (ie: http or https), cipher, cipher strength, the proxy's ip address itself. Are additional headers such as those existant and/or configurable? Thanks, Eric "Mattias Berge" <[email protected]> wrote in message news:[email protected]... > Is it in a ListenHTTP directive? About the X-SSL-cipher, it says "...if it > (the client) presents a client certificate Pound adds the following > headers.." > > Post your config and pound version, you've probably added the AddHeader > incorrectly > > > On Fri, Oct 9, 2009 at 5:45 PM, Eric B. > <[email protected]> wrote: > >> I didn't understand that I needed to do that based on the man pages, so I >> just tried it, but still get an unknown directive error: >> >> [r...@charliebrown ~]# /usr/sbin/pound >> starting... >> line 30: unknown directive "AddHeader X-SSL-cipher" - aborted >> >> I tried both >> AddHeader X-SSL-cipher >> and >> AddHeader "X-SSL-cipher" >> >> in the config file, but neither seemed to work. >> >> According to the man pages, the X-SSL* headers are supposed to be >> automaticcaly appended to the headers if it is an SSL request, but I >> can't >> seem to get any such headers added. >> >> Any ideas? >> >> Thanks, >> >> Eric >> >> "Mattias Berge" <[email protected]> wrote >> in >> message >> news:[email protected]... >> > Did you try 'AddHeader X-SSL-cipher'? >> > >> > On Fri, Oct 9, 2009 at 7:21 AM, Eric B. >> > <[email protected]> wrote: >> > >> >> Hi, >> >> >> >> According to the man pages and the web site, the X-SSL-cipher is added >> if >> >> the client connects via HTTPS. However, my redirected requests don't >> >> seem >> >> to contain any such headers even if the client is connecting via SSL. >> >> >> >> Additionally, according to the website, it says the X-SSL-cipher is >> added >> >> if >> >> the HTTPSHeaders is set. I didn't find anything such instructions in >> the >> >> man pages, but tried adding it in anyhow. However, pound doesn't >> >> start >> >> up, >> >> complaining that HTTPSHeaders 1 is an unknown directive. >> >> >> >> Has anybody used these headers before? Am I doing something wrong >> trying >> >> to >> >> get them added to my requests? >> >> >> >> Thanks, >> >> >> >> Eric >> >> >> >> >> >> >> >> >> >> -- >> >> To unsubscribe send an email with subject unsubscribe to >> >> [email protected]. >> >> Please contact [email protected] for questions. >> >> >> > >> > >> > >> > -- >> > Mattias Berge >> > Direct +46 (0)40-690 3825 >> > >> > >> > -- >> > To unsubscribe send an email with subject unsubscribe to >> > [email protected]. >> > Please contact [email protected] for questions. >> > >> >> >> >> >> -- >> To unsubscribe send an email with subject unsubscribe to >> [email protected]. >> Please contact [email protected] for questions. >> > > > > -- > Mattias Berge > Direct +46 (0)40-690 3825 > > > -- > To unsubscribe send an email with subject unsubscribe to > [email protected]. > Please contact [email protected] for questions. > -- To unsubscribe send an email with subject unsubscribe to [email protected]. Please contact [email protected] for questions.
