From 65a09524c3926547ed0b8515da211173df4fe379 Mon Sep 17 00:00:00 2001
From: Matt Holt <mholt@users.noreply.github.com>
Date: Fri, 7 Aug 2020 12:12:29 -0600
Subject: caddyhttp: Add TLS client cert info to logs (#3640)

---
 modules/caddyhttp/marshalers.go | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'modules/caddyhttp/marshalers.go')

diff --git a/modules/caddyhttp/marshalers.go b/modules/caddyhttp/marshalers.go
index 7f95923..9e8bb9f 100644
--- a/modules/caddyhttp/marshalers.go
+++ b/modules/caddyhttp/marshalers.go
@@ -73,10 +73,14 @@ type LoggableTLSConnState tls.ConnectionState
 func (t LoggableTLSConnState) MarshalLogObject(enc zapcore.ObjectEncoder) error {
 	enc.AddBool("resumed", t.DidResume)
 	enc.AddUint16("version", t.Version)
-	enc.AddUint16("ciphersuite", t.CipherSuite)
+	enc.AddUint16("cipher_suite", t.CipherSuite)
 	enc.AddString("proto", t.NegotiatedProtocol)
 	enc.AddBool("proto_mutual", t.NegotiatedProtocolIsMutual)
 	enc.AddString("server_name", t.ServerName)
+	if len(t.PeerCertificates) > 0 {
+		enc.AddString("client_common_name", t.PeerCertificates[0].Subject.CommonName)
+		enc.AddString("client_serial", t.PeerCertificates[0].SerialNumber.String())
+	}
 	return nil
 }
 
-- 
cgit v1.2.3