On Wed, Oct 21, 2009 at 3:34 AM, Eric B. <ebenze@hotmail.com> wrote:

Hi Mattias,

Maybe I was misunderstanding the man page. I reread it, and indeed, I see
the statement that you wrote below.

But does that mean that if the certificate is on the server, there is no way
to determine which cipher the client used?

Furthermore, is there any way to get additional information in the X-
headers? It would be nice to have X-forwarded-proto for instance (ie: http
or https), cipher, cipher strength, the proxy's ip address itself.

Are additional headers such as those existant and/or configurable?

Thanks,

Eric

"Mattias Berge" <mattiasb@travellab.com> wrote in

message news:MailBoxer.1268.1255253133.1.pound@apsis.ch...

> Is it in a ListenHTTP directive? About the X-SSL-cipher, it says "...if it
> (the client) presents a client certificate Pound adds the following
> headers.."
>
> Post your config and pound version, you've probably added the AddHeader
> incorrectly
>
>
> On Fri, Oct 9, 2009 at 5:45 PM, Eric B.
> <ebenze@hotmail.com> wrote:
>
>> I didn't understand that I needed to do that based on the man pages, so I
>> just tried it, but still get an unknown directive error:
>>
>> [root@charliebrown ~]# /usr/sbin/pound
>> starting...
>> line 30: unknown directive "AddHeader X-SSL-cipher" - aborted
>>
>> I tried both
>> AddHeader X-SSL-cipher
>> and
>> AddHeader "X-SSL-cipher"
>>
>> in the config file, but neither seemed to work.
>>
>> According to the man pages, the X-SSL* headers are supposed to be
>> automaticcaly appended to the headers if it is an SSL request, but I
>> can't
>> seem to get any such headers added.
>>
>> Any ideas?
>>
>> Thanks,
>>
>> Eric
>>
>> "Mattias Berge" <mattiasb@travellab.com> wrote
>> in
>> message
>> news:MailBoxer.1266.1255072798.69.pound@apsis.ch...
>> > Did you try 'AddHeader X-SSL-cipher'?
>> >
>> > On Fri, Oct 9, 2009 at 7:21 AM, Eric B.
>> > <ebenze@hotmail.com> wrote:
>> >
>> >> Hi,
>> >>
>> >> According to the man pages and the web site, the X-SSL-cipher is added
>> if
>> >> the client connects via HTTPS. However, my redirected requests don't
>> >> seem
>> >> to contain any such headers even if the client is connecting via SSL.
>> >>
>> >> Additionally, according to the website, it says the X-SSL-cipher is
>> added
>> >> if
>> >> the HTTPSHeaders is set. I didn't find anything such instructions in
>> the
>> >> man pages, but tried adding it in anyhow. However, pound doesn't
>> >> start
>> >> up,
>> >> complaining that HTTPSHeaders 1 is an unknown directive.
>> >>
>> >> Has anybody used these headers before? Am I doing something wrong
>> trying
>> >> to
>> >> get them added to my requests?
>> >>
>> >> Thanks,
>> >>
>> >> Eric
>> >>
>> >>
>> >>
>> >>
>> >> --
>> >> To unsubscribe send an email with subject unsubscribe to
>> >> pound@apsis.ch.
>> >> Please contact roseg@apsis.ch for questions.
>> >>
>> >
>> >
>> >
>> > --
>> > Mattias Berge
>> > Direct +46 (0)40-690 3825
>> >
>> >
>> > --
>> > To unsubscribe send an email with subject unsubscribe to
>> > pound@apsis.ch.
>> > Please contact roseg@apsis.ch for questions.
>> >
>>
>>
>>
>>
>> --
>> To unsubscribe send an email with subject unsubscribe to
>> pound@apsis.ch.
>> Please contact roseg@apsis.ch for questions.
>>
>
>
>
> --
> Mattias Berge
> Direct +46 (0)40-690 3825
>
>
> --
> To unsubscribe send an email with subject unsubscribe to
> pound@apsis.ch.
> Please contact roseg@apsis.ch for questions.
>

--
To unsubscribe send an email with subject unsubscribe to pound@apsis.ch.
Please contact roseg@apsis.ch for questions.