[CALUG] Apache logs
Jason C. Miller
jason.c.miller at gmail.com
Wed Jun 24 14:05:42 EDT 2009
Okey dokey. Was just trying to limit the amount of e-mail traffic. :)
So, I've got a PKI-enabled web server (Apache) and our company is
mandating that we log all attempts to access our site with an expired
certificate. The problem is that this particular event is handled as an
error and thus logged by the ErrorLog directive. The issue is
simple...there's not enough information in the log. Here is an example entry:
---------------------------------------
[Wed Jun 24 13:00:00 2009] [error] Certificate Verification: Error(10)
certificate has expired.
---------------------------------------
This log entry is pretty much worthless considering that it gives us
nothing more than a date and there are no corresponding messages in the
corresponding access log. The error, as best as I can figure, is
actually thrown by the openssl code is mod_ssl.
According to the apache documentation
(http://httpd.apache.org/docs/2.0/logs.html),
"It is not possible to customize the error log by adding or removing
information". However, I have a hard time believing that
I can't even get an IP address from the request somehow.
Does anybody know of any fixes/workarounds/voodoo that I could employ for
this task?
~j
On Wed, 24 Jun 2009, Craig Younkins wrote:
> You might as well just ask. Anyone who has used apache may happen to know
> the answer.
>
> Craig Younkins
>
> On Wed, Jun 24, 2009 at 1:51 PM, Jason C. Miller <jason.c.miller at gmail.com>
> wrote:
> Are there any apache gurus on here? :)
>
>
> ~j
>
> _______________________________________________
> CALUG mailing list
> CALUG at unknownlamer.org
> http://lists.unknownlamer.org/listinfo/calug
>
>
>
>
More information about the CALUG
mailing list