On Tue, Nov 02, 1999, Alexander Tyshlek wrote:
> I have certificate with Subject DN /C=UA/L=Donetsk/O=First Ukrainian
> International Bank/OU=DHO/CN=Alexander
> [EMAIL PROTECTED]/UID=tyshlek
>
> 1. Can I create ENV variable SSL_CLIENT_S_DN_UID (I don't find it);
Hmm... currently there is no such variable. But for mod_ssl 2.4.9 I've now
added also the variables *_UID, *_T, *_I, *_G, *_S, and *_D to present the
corresponding X.509 fields, too.
> 2. If Yes Can I use following in httpd.conf
> ...
> SSLVerifyClient require
> User %{SSL_CLIENT_S_DN_UID} # I want something like `su user-id'
> ...
No, even with 2.4.9 you will be able to use such a thing. First, the "User"
directive doesn't expand variables in its argument line. Second, it is a
per-startup and not per-connection directive.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]