Logging SSL request information in the access log for IBM HTTP Server
 Technote (troubleshooting)
 
Problem(Abstract)
The IBM® HTTP Server implementation provides Secure Sockets Layer (SSL) environment variables that are configurable with the LogFormat directive in the httpd.conf file.
 
Resolving the problem
The following examples illustrate how SSL environment variables can be used within the httpd.conf file to allow additional logging of SSL request information to the Web server access log.
For example: (install_root/conf/httpd.conf)

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%h %l %u %t \"%r\" %>s %b %{HTTPS}e %{SSL_CIPHER}e %{SSL_CLIENT_DN}e" SSL
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

Listen 443
<VirtualHost 192.168.0.10:443>
ServerName www.mycompany.com
SSLEnable
SSLClientAuth Required
CustomLog logs/access.log SSL
</VirtualHost>

SSLDisable
KeyFile "c:\program files\ibm http server\key.kdb"
SSLV2Timeout 100
SSLV3Timeout 1000

For example: (install_root/logs/access.log)

192.168.0.10 - - [29/Jul/2004:02:16:50 -0400] "GET / HTTP/1.1" 200 4757
ON SSL_RSA_WITH_RC4_128_SHA CN=jane Doe,O=ibm,C=US

192.168.0.10 - - [29/Jul/2004:02:16:50 -0400] "GET /HTTP_top_b.gif HTTP/1.1" 304  ON SSL_RSA_WITH_RC4_128_SHA CN=jane Doe,O=ibm,C=US

192.168.0.10 - - [29/Jul/2004:02:16:50 -0400] "GET /conf_serv_bttnOFFa.gif HTTP/1.1" 304
ON SSL_RSA_WITH_RC4_128_SHA CN=jane Doe,O=ibm,C=US

192.168.0.10 - - [29/Jul/2004:02:16:51 -0400] "GET /view_doc_bttnOFF_a.gif HTTP/1.1"304 ON SSL_RSA_WITH_RC4_128_SHA CN=jane Doe,O=ibm,C=US

192.168.0.10 - - [29/Jul/2004:02:16:51 -0400] "GET /visit_web_bttnOFF_a.gif HTTP/1.1"304 ON SSL_RSA_WITH_RC4_128_SHA CN=jane Doe,O=ibm,C=US

Reference key
%{HTTPS}e = ON  (OFF is displayed if HTTP)
%{SSL_CIPHER}e = SSL_RSA_WITH_RC4_128_SHA
%{SSL_CLIENT_DN}e = CN=jane Doe,O=ibm,C=US

For a complete listing of available SSL environment variables, refer to:
 
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > IBM HTTP Server > SSL
Operating system(s): Windows
Software version: 6.0
Software edition:
Reference #: 1176455
IBM Group: Software Group
Modified date: Aug 9, 2004