Hi, I have a requirement to check incoming requests, something that would be succinctly expressed this way:
<Location /> Require expr "%{REMOTE_ADDR} in %{SSL_CLIENT_SAN_IPaddr}" </Location> This would check that the request IP address is among the IP addresses in the client certificate. Unfortunately, this doesn't work: 1. SSL_CLIENT_SAN_IPaddr is not exposed by mod_ssl, but I've switched to mod_nss, which exports it 2. The expression evaluation engine doesn't know how to evaluate this kind of expression 3. I've tried using mod_lua for the expression, but it can't access this kind of environment variables (and the SSL specific only if exposed by mod_ssl, not other modules, like mod_nss) I have ran out of ideas on what to try. Please help. Thank you.