Re: can it log who login the site with certificate in apache?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

yes, thank you very much!

2009/4/30 Sean Conner <spc@xxxxxxxxxx>
It was thus said that the Great Buddy wu once stated:
> when setup apache using ssl, and require a client certificate to login,
> then in apache's logfile. can log the user who access the website with
> certificate? and which certificate he use, like name, email etc.thanks alog

 In my Apache config file, I defined the following:

LogFormat "%h %l \"%{SSL_CLIENT_S_DN}x\" %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" sslcombined

And in the configuration for the secure site:

<VirtualHost 66.252.224.242:443>
 ServerName            secure.conman.org
 CustomLog             /home/spc/web/logs/s-secure.conman.org sslcombined

 ...

</VirtualHost>

 You may want to play around with what you log.  Some examples:

       SSL_CLIENT_S_DN
       SSL_CLIENT_S_DN_C
       SSL_CLIENT_S_DN_ST
       SSL_CLIENT_S_DN_L
       SSL_CLIENT_S_DN_O
       SSL_CLIENT_S_DN_OU
       SSL_CLIENT_S_DN_CN

 But it really depends upon the fields defined for the certificate.

 -spc


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx




--
<a href="" href="http://eye4china.buddub.com">http://eye4china.buddub.com">blog</a>
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux