You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by G....@comlink.org on 2002/06/03 01:12:00 UTC
SSL environment variable: key size
I need to know the keysize, which is actually used in a SSL connection.
There are no environment variables like HTTPS or HTTPS_KEYSIZE like on
Netscape Webserver, and even following all hints in tomcat-ssl-howto.html we
didn't see any new request parameter.
Funny enough, there are two attributes (session_id, cipher_suite), but not
the key_size we are looking for. This attribute shall be supported from
Servlet 2.3, but Tomcat 3.3 is not more than Servlet 2.2.
Any other idea how to get the SSL key size?
We use Tomcat 3.3, Apache 1.3.22, mod_ssl 2.8.5 on Solaris 5.7, JDK 1.2.2.
Gerd Kersten
...................Extract of the httpd.conf ..........................
<IfDefine SSL>
##
## SSL Environment variables [added by gke]
##
# Should mod_jk send SSL information to Tomcat (default is On)
JkExtractSSL On
# What is the indicator for SSL (default is HTTPS)
JkHTTPSIndicator HTTPS
# What is the indicator for SSL session (default is SSL_SESSION_ID)
JkSESSIONIndicator SSL_SESSION_ID
# What is the indicator for client SSL cipher suit (default is SSL_CIPHER)
JkCIPHERIndicator SSL_CIPHER
# What is the indicator for the client SSL certificated (default is
SSL_CLIENT_CERT)
JkCERTSIndicator SSL_CLIENT_CERT
##
## SSL Virtual Host Context
##
<VirtualHost _default_:443>
# General setup for the virtual host
DocumentRoot "/usr/local/www"
ServerName ipent01.mydomain.de
ServerAdmin root@ipent01.mydomain.de
#ErrorLog /usr/local/httpd/logs/error_log
#TransferLog /usr/local/httpd/logs/access_log
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
[...]
# "jsp" added [gke, 16.05.02]
<Files ~ "\.(cgi|shtml|phtml|php3?|jsp)$">
SSLOptions +StdEnvVars +ExportCertData
# SSLOptions +StdEnvVars
</Files>
<Directory "/usr/local/httpd/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
[...]
</VirtualHost>
</IfDefine>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>