Extra SSL Info for Apache

What is it?

This patch exposes the following X509v3 extensions in both client and server certificates:

• Certificate Policies: OID values
• Subject Alternative Name: Email, DNS, IP address, URI, DirName, and otherName / principalName (UPN) values

These extension values are published as HTTPD environment variables, and can be used by web applications.

This patch is separate from our Pathfinder for Apache patch. They can be applied together or individually, as required.

Current Status:

This Extra SSL Info patch for Apache is considered stable. Other Subject Alternative Name decodings may be added at a later date.

Download:

Patch:httpd-2.2.8-extraexports-20090929.diff.gz

Instructions:

• Apply the patch to a clean httpd-2.2.8 or 2.2.6 (or even 2.2.4, though it's been deprecated) build tree. It may apply against newer trees as well.
• Compile and install apache as usual.
• The extra SSL environment variables are published alongside the standard ones, when SSLOptions +StdEnvVars is present in the httpd configuration files.

Need Help?

Let us know!