Server-side SNI, libtls version

Implementation for bearssl coming soon.
author: Laurent Bercot <ska-skaware@skarnet.org> 2021-05-28 01:05:56 +0000
committer: Laurent Bercot <ska-skaware@skarnet.org> 2021-05-28 01:05:56 +0000
commit: 02afa553cc33400ead38ac85f8f7f2f3fe79f49d (patch)
tree: d0d22ad521d9d3b8e28af128bae0ec796b35ff74 /doc/s6-tlsc.html
parent: d5ce828c97505e429e0cc87b5e87da4f7d291ad4 (diff)
download: s6-networking-02afa553cc33400ead38ac85f8f7f2f3fe79f49d.tar.xz
1 files changed, 7 insertions, 0 deletions
diff --git a/doc/s6-tlsc.html b/doc/s6-tlsc.html
index b83ae57..95cc44f 100644
--- a/doc/s6-tlsc.html
+++ b/doc/s6-tlsc.html
@@ -98,6 +98,13 @@ used. </li>
  <li> <tt>SSL_TLS_SNI_SERVERNAME</tt> contains <em>servername</em>,
 if the <tt>-k</tt> option has been given; otherwise it is removed
 from the environment. </li>
+ <li> <tt>SSL_PEER_CERT_HASH</tt> contains the hash of the peer's
+End Entity certificate, prefixed by the name of the hash and a colon
+(typically <tt>SHA256:</tt>). </li>
+ <li> <tt>SSL_PEER_CERT_SUBJECT</tt> contains the decoded subjectDN
+of the peer's End Entity certificate, i.e. identifying information.
+What is traditionally called the "name" of the certificate is the
+CN field in that data. </li>
  <li> More similar environment variables containing information
 about the connection may be added in the future. </li>
 </ul>
author	Laurent Bercot <ska-skaware@skarnet.org>	2021-05-28 01:05:56 +0000
committer	Laurent Bercot <ska-skaware@skarnet.org>	2021-05-28 01:05:56 +0000
commit	02afa553cc33400ead38ac85f8f7f2f3fe79f49d (patch)
tree	d0d22ad521d9d3b8e28af128bae0ec796b35ff74 /doc/s6-tlsc.html
parent	d5ce828c97505e429e0cc87b5e87da4f7d291ad4 (diff)
download	s6-networking-02afa553cc33400ead38ac85f8f7f2f3fe79f49d.tar.xz