httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Orton <>
Subject Re: RE : [users@httpd] RE : [users@httpd] Forwarding client Certficates from mod_ssl to a distant mod_jk through HTTPHeaders.
Date Tue, 02 Mar 2004 11:15:59 GMT
Thanks for testing the patch, Nicolas.

On Tue, Mar 02, 2004 at 12:05:12PM +0100, wrote:
> I have just a small probleme remaining, i do get the client certificate as an environment
variable from the RequestHeader:  
> But mod_jk expects an environment variable named SSL_CLIENT_CERT,
> is there an easy way to rename or create this new variable using the content of the first

Google says you can configure mod_jk to pick up the client cert from a
different variable, have you tried that: i.e.


> I saw you post an other fix :
> In what way is it better than the first one? Is it because you do not have to tell mod_ssl
to export variables?

Yes: there is a lot of overhead when using: "SSLOptions +ExportCertData
+StdEnvVars" - with the fix I committed, on your proxy you don't need to 
enable those settings, just use %{...}s in the RequestHeader directives 
to pass on the few specific SSL variables from mod_ssl.



The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message