-Original Message-
From: A mailing list about Java Server Pages specification and reference
[mailto:[EMAIL PROTECTED]]On Behalf Of Fernando Ribeiro
Sent: Wednesday, February 16, 2000 3:45 AM
To: [EMAIL PROTECTED]
Subject: Re: Detect the encryption level supported by the browser
Two or three days ago I have faced the same problem. We should take a
look at the HTTPS protocol reference and check it it does not expose
that information as a environment variable, just like HTTP_REMOTE_USER.
I suspect it is highly dependant on your web server and/or ssl product. In
the case of Apache 1.3.9 RavenSSL 1.4, these are the headers I receive
during an HTTPS request that related to SSL:
HTTPS on
SERVER_PORT 443
ssl-unclean-shutdown 1
SSL_CIPHER RC4-MD5
SSL_CIPHER_ALGKEYSIZE 128
SSL_CIPHER_EXPORT false
SSL_CIPHER_USEKEYSIZE 128
SSL_CLIENT_VERIFY NONE
SSL_PROTOCOL SSLv3
SSL_SERVER_A_KEY rsaEncryption
SSL_SERVER_A_SIG md5WithRSAEncryption
SSL_SERVER_I_DN /C=US/ST=California/L=Palo Alto/O=[DELETED]
SSL_SERVER_I_DN_C US
SSL_SERVER_I_DN_CN www.myhost.com
SSL_SERVER_I_DN_Email [EMAIL PROTECTED]
SSL_SERVER_I_DN_L Palo Alto
SSL_SERVER_I_DN_O MY COMPANY
SSL_SERVER_I_DN_OU MY COMPANY
SSL_SERVER_I_DN_SP California
SSL_SERVER_M_SERIAL 00
SSL_SERVER_M_VERSION 3
SSL_SERVER_S_DN /C=US/ST=California/L=Palo Alto/O=[DELETED]
SSL_SERVER_S_DN_C US
SSL_SERVER_S_DN_CN www.myhost.com
SSL_SERVER_S_DN_Email [EMAIL PROTECTED]
SSL_SERVER_S_DN_L Palo Alto
SSL_SERVER_S_DN_O MY COMPANY
SSL_SERVER_S_DN_OU MY COMPANY
SSL_SERVER_S_DN_SP California
SSL_SERVER_V_END Jan 12 09:22:13 2001 GMT
SSL_SERVER_V_START Jan 13 09:22:13 2000 GMT
SSL_SESSION_ID D685421330 [...]
GATEWAY_INTERFACE CGI/1.1
SERVER_PROTOCOL HTTP/1.1
REQUEST_METHOD GET
===
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
FAQs on JSP can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html