On Thu, Feb 16, 2017 at 2:49 PM, Yann Ylavic <ylavic....@gmail.com> wrote:
> On Tue, Feb 14, 2017 at 1:24 PM, Andrei Ivanov <andrei.iva...@gmail.com> > wrote: > > > > I'm using mod_nss exactly because mod_ssl doesn't expose that variable > and > > my issue that requests that is sitting ignored for 2 months now :-( > > Did you try something with SSLRequire or a <if> expression like > "'<myip>' -in PeerExtList('2.5.29.17')" ? > > I never tested it, but since '2.5.29.17' is the OID for the > certificate's SAN, and PeerExtList() may return the list of the inner > strings, it could possibly work... > > I gave it a try, but seems to reach the same limitation of the expression engine :-( NSSRequire %{REMOTE_ADDR} in PeerExtList('2.5.29.17') or Require expr "%{REMOTE_ADDR} in PeerExtList('2.5.29.17')" AH00526: Syntax error on line 229 of /etc/httpd/conf.d/nss.conf: Cannot parse expression in require line: syntax error, unexpected $end > > Regards, > Yann. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > >