Re: Apache mod_ssl and knowing crypto bit length - David Wall - org.apache.tomcat.users

18 messages in org.apache.tomcat.usersRe: Apache mod_ssl and knowing crypto...

From	Sent On	Attachments
Mohan K. Chintala	Jan 4, 2001 6:56 am
Michael Wentzel	Jan 4, 2001 11:25 am
Craig R. McClanahan	Jan 4, 2001 11:28 am
Michael Wentzel	Jan 4, 2001 11:31 am
Jeff Fletcher	Jan 4, 2001 11:35 am
Mike Campbell	Jan 4, 2001 11:36 am
Craig R. McClanahan	Jan 4, 2001 11:49 am
Kitching Simon	Jan 4, 2001 11:54 am
Orestes Mas	Jan 10, 2001 7:08 am
Tal Dayan	Jan 19, 2001 5:26 pm
David Wall	Jan 20, 2001 9:50 am
Joe Laffey	Jan 20, 2001 10:41 am
David Wall	Jan 29, 2001 12:27 pm
Matt Goss	Jan 30, 2001 6:40 am
David Wall	Feb 4, 2001 11:04 am
David Wall	Feb 4, 2001 11:34 am
David Wall	Feb 4, 2001 4:10 pm
Matt Goss	Feb 6, 2001 6:37 am

Subject:	Re: Apache mod_ssl and knowing crypto bit length
From:	David Wall (dwa...@myEastside.com)
Date:	Feb 4, 2001 11:34:32 am
List:	org.apache.tomcat.users

The mod_ssl log file ssl_engine_log shows the Protocol, Cipher and bit length. When I use the environment variable SSL_CIPHER, it doesn't include the number of bits, only something like RC4-MD5

A quick check of modssl.org shows that the environment variable is called SSL_CIPHER_USEKEYSIZE (I think this is what I want). My httpd.conf does export +StdEnvVars, but when Tomcat mod_jk.conf file documents several mappings for environment variables, but the choice is limited and doesn't include SSL_CIPHER_USEKEYSIZE.

I did configure apache with "JkExtractSSL On" and the SSLOptions include +StdEvnVars (not +ExportCertData because I don't care about client certs). Would I extract these using request.getHeader() ?

David

	Start a set with this search
	Include this search in one of my sets
	Exclude this search from one of my sets