Re: Issue with ssl_c_sha1
Hi, On Wed, Jul 02, 2014 at 02:49:55AM +, Yumerefendi, Aydan wrote: Willy, Thanks for you help. Your suggestion worked! What tripped me was the lack of an example involving ssl_c_sha1 in the documentation. The easiest way to improve would be to the line you sent me to the list of other SSL examples. I added an example according to your suggestion, thanks! Willy
Re: Issue with ssl_c_sha1
Willy,
Thanks for you help. Your suggestion worked! What tripped me was the lack
of an example involving ssl_c_sha1 in the documentation. The easiest way
to improve would be to the line you sent me to the list of other SSL
examples.
Thanks,
‹aydan
On 5/28/14, 5:47 PM, Willy Tarreau w...@1wt.eu wrote:
Hi,
On Wed, May 28, 2014 at 08:47:11PM +, Yumerefendi, Aydan wrote:
Hi,
I am trying to extract the sha1 hash of the client certificate and to
pass it
to the backend server. My configuration has this line:
http-request set-header X-SSL-Client-SHA1 %{+Q}[ssl_c_sha1]
However, this does not seem to produce a string of the form aabbcc...
as
the examples I've seen on the web. Instead, it appears to write the raw
sha1
hash bytes. The downstream server, node.js, appears to treat these
value as
utf8 strings.
Indeed, the doc says it's binary, so if you want it in hex, you just need
to
chain the hex converter :
http-request set-header X-SSL-Client-SHA1
%{+Q}[ssl_c_sha1,hex]
The binary form is more suited to stick tables for example as it takes
half
of the space.
Do you think we could improve the doc one way or another to make this
easier
to find ? Maybe with more examples ? Do not hesitate to suggest
adaptations
or even patches!
Regards,
Willy
Issue with ssl_c_sha1
Hi,
I am trying to extract the sha1 hash of the client certificate and to pass it
to the backend server. My configuration has this line:
http-request set-header X-SSL-Client-SHA1 %{+Q}[ssl_c_sha1]
However, this does not seem to produce a string of the form aabbcc... as the
examples I've seen on the web. Instead, it appears to write the raw sha1 hash
bytes. The downstream server, node.js, appears to treat these value as utf8
strings.
This is the version I am running:
./haproxy --version
HA-Proxy version 1.5-dev25-a339395 2014/05/10
Copyright 2000-2014 Willy Tarreau w...@1wt.eu
What am I doing wrong? Ideally I would like to get the sha1 hash as a hex
string.
Thanks,
-aydan
Re: Issue with ssl_c_sha1
Hi,
On Wed, May 28, 2014 at 08:47:11PM +, Yumerefendi, Aydan wrote:
Hi,
I am trying to extract the sha1 hash of the client certificate and to pass it
to the backend server. My configuration has this line:
http-request set-header X-SSL-Client-SHA1 %{+Q}[ssl_c_sha1]
However, this does not seem to produce a string of the form aabbcc... as
the examples I've seen on the web. Instead, it appears to write the raw sha1
hash bytes. The downstream server, node.js, appears to treat these value as
utf8 strings.
Indeed, the doc says it's binary, so if you want it in hex, you just need to
chain the hex converter :
http-request set-header X-SSL-Client-SHA1 %{+Q}[ssl_c_sha1,hex]
The binary form is more suited to stick tables for example as it takes half
of the space.
Do you think we could improve the doc one way or another to make this easier
to find ? Maybe with more examples ? Do not hesitate to suggest adaptations
or even patches!
Regards,
Willy
