From 586e3bef5d34d090d9480e146783c33313f9dc34 Mon Sep 17 00:00:00 2001 From: Nokis Mavrogiannopoulos Date: Wed, 20 Feb 2008 18:50:41 +0000 Subject: added tags --- (limited to 'README.ENV') diff --git a/README.ENV b/README.ENV new file mode 100644 index 0000000..34dbcf6 --- /dev/null +++ b/README.ENV @@ -0,0 +1,49 @@ +All the environment variables set by this module are: + +HTTPS: can be "on" or "off" +SSL_VERSION_LIBRARY: The version of the gnutls library +SSL_VERSION_INTERFACE: The version of this module +SSL_PROTOCOL: The SSL or TLS protocol name (such as "TLS 1.0" etc.) +SSL_CIPHER: The SSL or TLS cipher suite name. +SSL_COMPRESS_METHOD: The negotiated compression method (NULL or DEFLATE) +SSL_SRP_USER: The SRP username used for authentication. +SSL_CIPHER_USEKEYSIZE and SSL_CIPHER_ALGKEYSIZE: The number if bits used in the used cipher + algorithm. This does not fully reflect the security level since the size of + RSA or DHE key exchange parameters affect the security level too. +SSL_CIPHER_EXPORT: true or false. Whether the cipher suite negotiated is an export one. +SSL_SESSION_ID: The session ID negotiated in this session. Can be the same during + client reloads. + +SSL_CLIENT_V_REMAIN: The number of days until the client's certificate is expired. +SSL_CLIENT_V_START: The activation time of client's certificate. +SSL_CLIENT_V_END: The expiration time of client's certificate. +SSL_CLIENT_S_DN: The distinguished name of client's certificate in RFC2253 format. +SSL_CLIENT_I_DN: The distinguished name of client's issuer certificate in RFC2253 format. +SSL_CLIENT_S_AN%: These will contain the alternative names of the client certificate + (% is a number starting from zero). The values will be prepended by "DNSNAME:", + "RFC822NAME:" or "URI:" depending on the type. If it is not supported the value + "UNSUPPORTED" will be set. +SSL_CLIENT_M_SERIAL: The serial number of the client's certificate. +SSL_CLIENT_M_VERSION: The version of the client's certificate. +SSL_CLIENT_A_SIG: The algorithm used for the signature in client's certificate. +SSL_CLIENT_A_KEY: The public key algorithm in client's certificate. +SSL_CLIENT_CERT: The PEM-encoded client certificate +SSL_CLIENT_VERIFY: + whether the client's certificate was verified. (NONE if none was sent, or SUCCESS or FAILED) +SSL_CLIENT_CERT_TYPE: The certificate type can be X.509 or OPENPGP. + +SSL_SERVER_V_START: The activation time of server's certificate. +SSL_SERVER_V_END: The expiration time of server's certificate. +SSL_SERVER_S_DN: The distinguished name of the server's certificate in RFC2253 format. +SSL_SERVER_I_DN: The distinguished name of the server's issuer certificate in RFC2253 format. +SSL_SERVER_S_AN%: These will contain the alternative names of the server certificate + (% is a number starting from zero). The values will be prepended by "DNSNAME:", + "RFC822NAME:" or "URI:" depending on the type. If it is not supported the value + "UNSUPPORTED" will be set. +SSL_SERVER_M_SERIAL: The serial number of the server's certificate. +SSL_SERVER_M_VERSION: The version of the server's certificate. +SSL_SERVER_A_SIG: The algorithm used for the signature in server's certificate. +SSL_SERVER_A_KEY: The public key algorithm in server's certificate. +SSL_SERVER_CERT: The PEM-encoded server certificate +SSL_SERVER_CERT_TYPE: The certificate type can be X.509 or OPENPGP. + -- cgit v0.9.2