Re: Extracting SSL_CLIENT_S_DN_UID does not work

Michael Ströder wrote: Joe Orton wrote: On Fri, May 23, 2008 at 05:23:34PM +0200, Michael Ströder wrote: Ok, then the OID in my cert is 0.9.2342.19200300.100.1.1 (attribute type 'uid' specified for pilotPerson). That seems right to me since it's compliant with RFC 4514 which contains a table o

Re: Extracting SSL_CLIENT_S_DN_UID does not work

DONT SEND ME THIS CRAP THANK'S -- Original message from Michael Ströder <[EMAIL PROTECTED]>: -- > Joe, > > many thanks for your response. > > Joe Orton wrote: > > On Mon, May 19, 2008 at 10:13:45AM +0200, Michael Ströder wrote: > >> > >> Maybe I'm overlooking the ob

Re: Extracting SSL_CLIENT_S_DN_UID does not work

Michael Ströder wrote: Joe Orton wrote: On Fri, May 23, 2008 at 05:23:34PM +0200, Michael Ströder wrote: Ok, then the OID in my cert is 0.9.2342.19200300.100.1.1 (attribute type 'uid' specified for pilotPerson). That seems right to me since it's compliant with RFC 4514 which contains a table o

Re: Extracting SSL_CLIENT_S_DN_UID does not work

Joe Orton wrote: On Fri, May 23, 2008 at 05:23:34PM +0200, Michael Ströder wrote: Ok, then the OID in my cert is 0.9.2342.19200300.100.1.1 (attribute type 'uid' specified for pilotPerson). That seems right to me since it's compliant with RFC 4514 which contains a table of short and long attribu

Re: Extracting SSL_CLIENT_S_DN_UID does not work

On Fri, May 23, 2008 at 05:23:34PM +0200, Michael Ströder wrote: > Ok, then the OID in my cert is 0.9.2342.19200300.100.1.1 (attribute type > 'uid' specified for pilotPerson). That seems right to me since it's > compliant with RFC 4514 which contains a table of short and long attribute > type na

Re: Extracting SSL_CLIENT_S_DN_UID does not work

Joe Orton wrote: On Fri, May 23, 2008 at 04:46:48PM +0200, Michael Ströder wrote: In the current 2.x mod_ssl sources, UID maps to: #ifdef NID_x500UniqueIdentifier /* new name as of Openssl 0.9.7 */ { "UID", NID_x500UniqueIdentifier }, #else /* old name, OpenSSL < 0.9.7 */ { "UID",

Re: Extracting SSL_CLIENT_S_DN_UID does not work

Joe Orton wrote: On Fri, May 23, 2008 at 04:46:48PM +0200, Michael Ströder wrote: Hmm, the user ID is already stored by mod_ssl with attribute name "UID" in env var SSL_CLIENT_S_DN. Given that it's OpenSSL 0.9.8 and that the attribute type seems to be interpreted as UID is it safe to assume tha

Re: Extracting SSL_CLIENT_S_DN_UID does not work

On Fri, May 23, 2008 at 04:46:48PM +0200, Michael Ströder wrote: >> In the current 2.x mod_ssl sources, UID maps to: >> >> #ifdef NID_x500UniqueIdentifier /* new name as of Openssl 0.9.7 */ >> { "UID", NID_x500UniqueIdentifier }, >> #else /* old name, OpenSSL < 0.9.7 */ >> { "UID", NI

Re: Extracting SSL_CLIENT_S_DN_UID does not work

Joe, many thanks for your response. Joe Orton wrote: On Mon, May 19, 2008 at 10:13:45AM +0200, Michael Ströder wrote: Maybe I'm overlooking the obvious but it seems that env var SSL_CLIENT_S_DN_UID is not set when using a client cert for authentication. The following env vars displayed in my

Re: Extracting SSL_CLIENT_S_DN_UID does not work

On Mon, May 19, 2008 at 10:13:45AM +0200, Michael Ströder wrote: > HI! > > (Re-sent since my message through gmane didn't come through.) > > Maybe I'm overlooking the obvious but it seems that env var > SSL_CLIENT_S_DN_UID is not set when using a client cert for authentication. > > The following en

Extracting SSL_CLIENT_S_DN_UID does not work

HI! (Re-sent since my message through gmane didn't come through.) Maybe I'm overlooking the obvious but it seems that env var SSL_CLIENT_S_DN_UID is not set when using a client cert for authentication. The following env vars displayed in my SSI HTML text are relevant here (obfuscated to protect