iTP Secure WebServer System Administrator's Guide (iTPWebSvr 5.1+)
Server Log File Formats
iTP Secure WebServer System Administrator’s Guide—522659-001
C-6
Extended Log Format
si-uid Contains the user ID in the ticket.
si-group Contains the group number in the ticket.
si-uctx Contains the user context field in the ticket.
issuer Contains the distinguished name (DN) of the direct issuer of the
client certificate. The DN is taken from the issuer field within the
client certificate. If client authentication is requested but the web
client did not authenticate, or if a problem was found while verifying
the certificate, this field is present but empty.
cipher Contains the cipher type used for the connection.
Example:
EXP-RC4-MD5
client-status Contains the client certificate status if client authentication is used.
Values include the following:
•
no-certificate
•
error-in-certificate
•
not-verified
•
forged
•
not-valid-yet
•
expired
•
issuer-not-ca
•
max-path-exceeded
•
issuer-cant-sign,
•
valid-but-root-certificates-don’t-match
•
valid-no-extensions
•
valid
Refer to Using the -requestauth Option
on page 4-25 for more
information about each value.
client-error-dn Contains the Distinguished Name (DN) of the certificate that is in
error, if client authentication is used and a problem is found while
verifying the client certificate.
security Contains the security protocol being used: either SSLV2, SSLV3, or
PCT.
client-error-dn Contains the distinguished name (DN) of the certificate that is in
error, if client authentication is used and a problem is found while
verifying the client certificate.
client Contains the distinguished name (DN) as taken from the subject field
of the client certificate, if client authentication is used. If client
authentication is requested and not provided, this field is present but
empty.
Table C-3. Extended Log Items (page 2 of 2)
Name Description