summaryrefslogtreecommitdiff
path: root/modules/caddyhttp
diff options
context:
space:
mode:
Diffstat (limited to 'modules/caddyhttp')
-rw-r--r--modules/caddyhttp/app.go1
-rw-r--r--modules/caddyhttp/replacer.go3
2 files changed, 4 insertions, 0 deletions
diff --git a/modules/caddyhttp/app.go b/modules/caddyhttp/app.go
index 8285200..91c31c8 100644
--- a/modules/caddyhttp/app.go
+++ b/modules/caddyhttp/app.go
@@ -77,6 +77,7 @@ func init() {
// `{http.request.tls.client.public_key}` | The public key of the client certificate.
// `{http.request.tls.client.public_key_sha256}` | The SHA256 checksum of the client's public key.
// `{http.request.tls.client.certificate_pem}` | The PEM-encoded value of the certificate.
+// `{http.request.tls.client.certificate_der_base64}` | The base64-encoded value of the certificate.
// `{http.request.tls.client.issuer}` | The issuer DN of the client certificate
// `{http.request.tls.client.serial}` | The serial number of the client certificate
// `{http.request.tls.client.subject}` | The subject DN of the client certificate
diff --git a/modules/caddyhttp/replacer.go b/modules/caddyhttp/replacer.go
index 4d27a84..2cf456f 100644
--- a/modules/caddyhttp/replacer.go
+++ b/modules/caddyhttp/replacer.go
@@ -25,6 +25,7 @@ import (
"crypto/tls"
"crypto/x509"
"encoding/asn1"
+ "encoding/base64"
"encoding/pem"
"fmt"
"io"
@@ -352,6 +353,8 @@ func getReqTLSReplacement(req *http.Request, key string) (interface{}, bool) {
case "client.certificate_pem":
block := pem.Block{Type: "CERTIFICATE", Bytes: cert.Raw}
return pem.EncodeToMemory(&block), true
+ case "client.certificate_der_base64":
+ return base64.StdEncoding.EncodeToString(cert.Raw), true
default:
return nil, false
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-11 04:25:50 +0000