Feature request for error logs (what! not enough detail!?! ;-)

Feature request for error logs (what! not enough detail!?! ;-)

am 26.06.2002 06:19:11 von Jason Haar

We're using client certs and one thing I'd like to see is the SSL error logs
showing me revoked,expired and "faked" certs details on one line. Currently
I see the likes of:

[26/Jun/2002 15:43:55 05724] [error] Certificate Verification: Error (23):
certificate revoked

and

[26/Jun/2002 15:45:20 05725] [error] Certificate Verification: Error (10):
Certificate has expired

and

[26/Jun/2002 16:17:55 05728] [error] Certificate Verification: Error (20):
unable to get local issuer certificate

....couldn't something like the client serial number or DN be added to that
line?

That would then give an easy way to script reports...

Thanks

--
Cheers

Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org