apologies for the open-ssl list for the repost. i want to make sure that the patch below is correct. a couple of months ago jean-luc rochat told me how to patch jserv to relay client digital certificates to servlets. yesterday, with help of ben laurie, i made jserv to do the same with apache-ssl. followwing ben's suggestion i make the patches to jserv_ajpv12.c and JServConnection.java ajavailable. (save it under ApacheJServ-1.1 and use "patch -p0 < pfile"): diff -Naur src/patch/jserv_ajpv12.c src/c/jserv_ajpv12.c --- src/patch/jserv_ajpv12.c Wed Mar 22 07:14:59 2000 +++ src/c/jserv_ajpv12.c Tue Mar 21 14:01:48 2000 @@ -554,13 +554,17 @@ ajpv12_sendstring( buffsocket, ap_get_server_version()); /* begin jluc */ - /* Send routing info var & SSL CLIENT Certificates DNs */ + /* Send the SSL client certificate */ if (r->subprocess_env) { - ajpv12_sendstring( buffsocket, ap_table_get(r->subprocess_env, "JSERV_ROUTE")); + ap_add_common_vars(r); + ap_add_cgi_vars(r); ajpv12_sendstring( buffsocket, ap_table_get(r->subprocess_env, "SSL_CLIENT_DN")); - ajpv12_sendstring( buffsocket, ap_table_get(r->subprocess_env, "SSL_CLIENT_IDN")); + ajpv12_sendstring( buffsocket, ap_table_get(r->subprocess_env, "SSL_CLIENT_I_DN")); + ajpv12_sendstring( buffsocket, ap_table_get(r->subprocess_env, "SSL_CLIENT_CERT")); + ajpv12_sendstring( buffsocket, ap_table_get(r->subprocess_env, "UNIQUE_ID")); } else { + ajpv12_sendstring( buffsocket, ""); ajpv12_sendstring( buffsocket, ""); ajpv12_sendstring( buffsocket, ""); ajpv12_sendstring( buffsocket, ""); diff -Naur src/java/org/apache/patches/JServConnection.java src/java/org/apache/jserv/JServConnection.java --- src/java/org/apache/patches/JServConnection.java Wed Mar 22 07:15:35 2000 +++ src/java/org/apache/jserv/JServConnection.java Wed Mar 22 06:41:06 2000 @@ -403,7 +403,9 @@ env_vars.put("SERVER_SOFTWARE", in.readString("")); env_vars.put("JSERV_ROUTE", in.readString("")); env_vars.put("SSL_CLIENT_DN", in.readString("")); - env_vars.put("SSL_CLIENT_IDN", in.readString("")); + env_vars.put("SSL_CLIENT_I_DN", in.readString("")); + env_vars.put("SSL_CLIENT_CERT", in.readString("")); + env_vars.put("UNIQUE_ID", in.readString("")); break; -- Aaron Stromas | "Tick-tick-tick!!!... ja, Pantani is weg...." Oracle Corp. | BRTN commentator, +1 703 708 6821 | L'Alpe d'Huez, 1995 Tour de France ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]