Joe Orton wrote:
> On Fri, Jun 03, 2005 at 08:56:56AM +0200, Øyvin Sømme wrote:
>
>>Method 2 (SSLRequire):
>>
>> The user-id field is just '-'.
>>
>>Can I somehow configure apache/mod_ssl to only store certain elements of
>>the DN (e.g. the CN in the DN) as the user-id in the access-log?

>
>
> mod_ssl in httpd 2.0 supports the "SSLUsername" directive which allows
> this:
>
> http://httpd.apache.org/docs-2.0/mod...ml#sslusername
>
> Regards,
>
> joe
> __________________________________________________ ____________________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List modssl-users@modssl.org
> Automated List Manager majordomo@modssl.org


Thanks for a very good suggestion. Seems to be just what I need.
So I tried to use the directive 'SSLUserName SSL_CLIENT_S_DN_CN'
inside the context. This resulted in *no*
change in my log files, the user-id field was still '-'.

Any idea why it didn't work?


Regards
Øyvin
__________________________________________________ ____________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org