diff options
Diffstat (limited to 'README.ENV')
| -rw-r--r-- | README.ENV | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/README.ENV b/README.ENV new file mode 100644 index 0000000..34dbcf6 --- /dev/null +++ b/README.ENV | |||
| @@ -0,0 +1,49 @@ | |||
| 1 | All the environment variables set by this module are: | ||
| 2 | |||
| 3 | HTTPS: can be "on" or "off" | ||
| 4 | SSL_VERSION_LIBRARY: The version of the gnutls library | ||
| 5 | SSL_VERSION_INTERFACE: The version of this module | ||
| 6 | SSL_PROTOCOL: The SSL or TLS protocol name (such as "TLS 1.0" etc.) | ||
| 7 | SSL_CIPHER: The SSL or TLS cipher suite name. | ||
| 8 | SSL_COMPRESS_METHOD: The negotiated compression method (NULL or DEFLATE) | ||
| 9 | SSL_SRP_USER: The SRP username used for authentication. | ||
| 10 | SSL_CIPHER_USEKEYSIZE and SSL_CIPHER_ALGKEYSIZE: The number if bits used in the used cipher | ||
| 11 | algorithm. This does not fully reflect the security level since the size of | ||
| 12 | RSA or DHE key exchange parameters affect the security level too. | ||
| 13 | SSL_CIPHER_EXPORT: true or false. Whether the cipher suite negotiated is an export one. | ||
| 14 | SSL_SESSION_ID: The session ID negotiated in this session. Can be the same during | ||
| 15 | client reloads. | ||
| 16 | |||
| 17 | SSL_CLIENT_V_REMAIN: The number of days until the client's certificate is expired. | ||
| 18 | SSL_CLIENT_V_START: The activation time of client's certificate. | ||
| 19 | SSL_CLIENT_V_END: The expiration time of client's certificate. | ||
| 20 | SSL_CLIENT_S_DN: The distinguished name of client's certificate in RFC2253 format. | ||
| 21 | SSL_CLIENT_I_DN: The distinguished name of client's issuer certificate in RFC2253 format. | ||
| 22 | SSL_CLIENT_S_AN%: These will contain the alternative names of the client certificate | ||
| 23 | (% is a number starting from zero). The values will be prepended by "DNSNAME:", | ||
| 24 | "RFC822NAME:" or "URI:" depending on the type. If it is not supported the value | ||
| 25 | "UNSUPPORTED" will be set. | ||
| 26 | SSL_CLIENT_M_SERIAL: The serial number of the client's certificate. | ||
| 27 | SSL_CLIENT_M_VERSION: The version of the client's certificate. | ||
| 28 | SSL_CLIENT_A_SIG: The algorithm used for the signature in client's certificate. | ||
| 29 | SSL_CLIENT_A_KEY: The public key algorithm in client's certificate. | ||
| 30 | SSL_CLIENT_CERT: The PEM-encoded client certificate | ||
| 31 | SSL_CLIENT_VERIFY: | ||
| 32 | whether the client's certificate was verified. (NONE if none was sent, or SUCCESS or FAILED) | ||
| 33 | SSL_CLIENT_CERT_TYPE: The certificate type can be X.509 or OPENPGP. | ||
| 34 | |||
| 35 | SSL_SERVER_V_START: The activation time of server's certificate. | ||
| 36 | SSL_SERVER_V_END: The expiration time of server's certificate. | ||
| 37 | SSL_SERVER_S_DN: The distinguished name of the server's certificate in RFC2253 format. | ||
| 38 | SSL_SERVER_I_DN: The distinguished name of the server's issuer certificate in RFC2253 format. | ||
| 39 | SSL_SERVER_S_AN%: These will contain the alternative names of the server certificate | ||
| 40 | (% is a number starting from zero). The values will be prepended by "DNSNAME:", | ||
| 41 | "RFC822NAME:" or "URI:" depending on the type. If it is not supported the value | ||
| 42 | "UNSUPPORTED" will be set. | ||
| 43 | SSL_SERVER_M_SERIAL: The serial number of the server's certificate. | ||
| 44 | SSL_SERVER_M_VERSION: The version of the server's certificate. | ||
| 45 | SSL_SERVER_A_SIG: The algorithm used for the signature in server's certificate. | ||
| 46 | SSL_SERVER_A_KEY: The public key algorithm in server's certificate. | ||
| 47 | SSL_SERVER_CERT: The PEM-encoded server certificate | ||
| 48 | SSL_SERVER_CERT_TYPE: The certificate type can be X.509 or OPENPGP. | ||
| 49 | |||