| 1 | All the environment variables set by this module are: |
|---|
| 2 | |
|---|
| 3 | HTTPS: can be "on" or "off" |
|---|
| 4 | SSL_VERSION_LIBRARY: The version of the gnutls library |
|---|
| 5 | SSL_VERSION_INTERFACE: The version of this module |
|---|
| 6 | SSL_PROTOCOL: The SSL or TLS protocol name (such as "TLS 1.0" etc.) |
|---|
| 7 | SSL_CIPHER: The SSL or TLS cipher suite name. |
|---|
| 8 | SSL_COMPRESS_METHOD: The negotiated compression method (NULL or DEFLATE) |
|---|
| 9 | SSL_SRP_USER: The SRP username used for authentication. |
|---|
| 10 | SSL_CIPHER_USEKEYSIZE and SSL_CIPHER_ALGKEYSIZE: The number if bits used in the used cipher |
|---|
| 11 | algorithm. This does not fully reflect the security level since the size of |
|---|
| 12 | RSA or DHE key exchange parameters affect the security level too. |
|---|
| 13 | SSL_CIPHER_EXPORT: true or false. Whether the cipher suite negotiated is an export one. |
|---|
| 14 | SSL_SESSION_ID: The session ID negotiated in this session. Can be the same during |
|---|
| 15 | client reloads. |
|---|
| 16 | |
|---|
| 17 | SSL_CLIENT_V_REMAIN: The number of days until the client's certificate is expired. |
|---|
| 18 | SSL_CLIENT_V_START: The activation time of client's certificate. |
|---|
| 19 | SSL_CLIENT_V_END: The expiration time of client's certificate. |
|---|
| 20 | SSL_CLIENT_S_DN: The distinguished name of client's certificate in RFC2253 format. |
|---|
| 21 | SSL_CLIENT_I_DN: The distinguished name of client's issuer certificate in RFC2253 format. |
|---|
| 22 | SSL_CLIENT_S_SAN%: These will contain the alternative names of the client certificate |
|---|
| 23 | (% is a number starting from zero). The values will be prepended by "DNSNAME:", |
|---|
| 24 | "RFC822NAME:" or "URI:" depending on the type. If it is not supported the value |
|---|
| 25 | "UNSUPPORTED" will be set. |
|---|
| 26 | SSL_CLIENT_M_SERIAL: The serial number of the client's certificate. |
|---|
| 27 | SSL_CLIENT_M_VERSION: The version of the client's certificate. |
|---|
| 28 | SSL_CLIENT_A_SIG: The algorithm used for the signature in client's certificate. |
|---|
| 29 | SSL_CLIENT_A_KEY: The public key algorithm in client's certificate. |
|---|
| 30 | SSL_CLIENT_CERT: The PEM-encoded client certificate |
|---|
| 31 | SSL_CLIENT_VERIFY: |
|---|
| 32 | whether the client's certificate was verified. (NONE if none was sent, or SUCCESS or FAILED) |
|---|
| 33 | SSL_CLIENT_S_TYPE: The certificate type can be X.509 or OPENPGP. |
|---|
| 34 | |
|---|
| 35 | SSL_SERVER_V_START: The activation time of server's certificate. |
|---|
| 36 | SSL_SERVER_V_END: The expiration time of server's certificate. |
|---|
| 37 | SSL_SERVER_S_DN: The distinguished name of the server's certificate in RFC2253 format. |
|---|
| 38 | SSL_SERVER_I_DN: The distinguished name of the server's issuer certificate in RFC2253 format. |
|---|
| 39 | SSL_SERVER_S_SAN%: These will contain the alternative names of the server certificate |
|---|
| 40 | (% is a number starting from zero). The values will be prepended by "DNSNAME:", |
|---|
| 41 | "RFC822NAME:" or "URI:" depending on the type. If it is not supported the value |
|---|
| 42 | "UNSUPPORTED" will be set. |
|---|
| 43 | SSL_SERVER_M_SERIAL: The serial number of the server's certificate. |
|---|
| 44 | SSL_SERVER_M_VERSION: The version of the server's certificate. |
|---|
| 45 | SSL_SERVER_A_SIG: The algorithm used for the signature in server's certificate. |
|---|
| 46 | SSL_SERVER_A_KEY: The public key algorithm in server's certificate. |
|---|
| 47 | SSL_SERVER_CERT: The PEM-encoded server certificate |
|---|
| 48 | SSL_SERVER_S_TYPE: The certificate type can be X.509 or OPENPGP. |
|---|
| 49 | |
|---|
