I've make nginx support TLS(Mutual Authentication), It's can be
work
and very cool. but i want have some detail log about exchange of digital
certificates. for example, the log have exchange success and client
digital
certificates information in this exchange action.
My system like: Broswer <--TLS--> Nginx 1.0.8 <--HTTP--> Tomcat
So, what can i do?
Thanks for your work.
========ref=========
Module ngx_http_ssl_module supports the following built-in variables:
$ssl_cipher returns the cipher suite being used for the currently
established SSL/TLS connection
$ssl_client_serial returns the serial number of the client certificate
for
the currently established SSL/TLS connection — if applicable, i.e., if
client authentication is activated in the connection
$ssl_client_s_dn returns the subject Distinguished Name (DN) of the
client
certificate for the currently established SSL/TLS connection — if
applicable, i.e., if client authentication is activated in the
connection
$ssl_client_i_dn returns the issuer DN of the client certificate for the
currently established SSL/TLS connection — if applicable, i.e., if
client
authentication is activated in the connection
$ssl_protocol returns the protocol of the currently established SSL/TLS
connection — depending on the configuration and client available options
it’s one of SSLv2, SSLv3 or TLSv1
$ssl_session_id the Session ID of the established secure connection —
requires Nginx version greater or equal to 0.8.20
$ssl_client_cert
$ssl_client_raw_cert
$ssl_client_verify takes the value “SUCCESS” when the client certificate
is
successfully verified