patch for support of SSL_CLIENT_CERT
Igor Sysoev
is at rambler-co.ru
Fri Jul 25 20:20:50 MSD 2008
On Thu, Jul 24, 2008 at 12:02:50PM +0200, Manlio Perillo wrote:
> Igor Sysoev ha scritto:
> >[...]
> >>>I'm going to change $ssl_client_cert: I want to add TABs in new line
> >>>begining:
> >>>
> >>>-----BEGIN CERTIFICATE-----
> >>> MIIFHTCCBAWgAwIBAg...
> >>> ...
> >>> ...mnshtt0=
> >>> -----END CERTIFICATE-----
> >>>
> >>>This will allow to pass the variable in proxied header.
> >>>
> >>>Any objections ?
> >>>
> >>Will it be readable by OpenSSL without removing the TABs?
> >
> >Do you mean PEM_read_bio_X509() ?
>
> Yes.
>
> >It read it unless "-----END CERTIFICATE-----" is not TABed, i.e.:
> >
>
> Ok, thanks.
>
> No problems with me.
I have decided to introduce new variable. However, I can not choose name.
Variants:
$x_ssl_client_cert
$ssl_client_cert_as_header
$ssl_client_cert_tabbed
Now I like the first one.
--
Igor Sysoev
http://sysoev.ru/en/
More information about the nginx
mailing list