Hi, I am starting to look into implementing an Apache module that can use information from an incoming request, including several headers and the subject string from a client certificate to do authentication.
I've been looking at the source for mod_auth_certificate, from https://modules.apache.org/, as a starting point. However, it looks like the way that mod_auth_certificate works is that it requires that there's an SSLUserName directive to put the client certificate DN into the Apache REMOTE_USER attribute, whereas I need the entire PEM for the client cert to do authentication that I'm trying to do. So I was wondering if it's possible for a module to access the SSL_CLIENT_S_DN and SSL_CLIENT_CERT environment variables, and if so, how? Also, as mentioned my module would need to access several HTTP headers that are in the incoming requests. How can it do that? Thanks, Jim
