From: Joe Orton <jorton@apache.org>
Date: Sat, 12 Feb 2011 15:41:17 +0000 (+0000)
Subject: * docs/manual/mod/: Play language lawyer with the SSL_*_DN_*_n variable
X-Git-Tag: 2.3.11~70
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=e0742ac982ebfe22a264fe2dcd94555a2a90933f;p=apache

* docs/manual/mod/: Play language lawyer with the SSL_*_DN_*_n variable
  description.

PR: 45875


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1070094 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/docs/manual/mod/mod_ssl.html.en b/docs/manual/mod/mod_ssl.html.en
index 597500d25d..ec21ca030d 100644
--- a/docs/manual/mod/mod_ssl.html.en
+++ b/docs/manual/mod/mod_ssl.html.en
@@ -157,10 +157,18 @@ compatibility variables.</p>
 <code>C,ST,L,O,OU,CN,T,I,G,S,D,UID,Email</code>.  In Apache 2.1 and
 later, <em>x509</em> may also include a numeric <code>_n</code>
 suffix.  If the DN in question contains multiple attributes of the
-same name, this suffix is used as an index to select a particular
-attribute.  For example, where the server certificate subject DN
-included two OU fields, <code>SSL_SERVER_S_DN_OU_0</code> and
-<code>SSL_SERVER_S_DN_OU_1</code> could be used to reference each.</p>
+same name, this suffix is used as a zero-based index to select a
+particular attribute.  For example, where the server certificate
+subject DN included two OU attributes, <code>SSL_SERVER_S_DN_OU_0</code>
+and
+<code>SSL_SERVER_S_DN_OU_1</code> could be used to reference each.  A
+variable name without a <code>_n</code> suffix is equivalent to that
+name with a <code>_0</code> suffix; the first (or only) attribute.
+When the environment table is populated using
+the <code>StdEnvVars</code> option of
+the <code class="directive"><a href="#ssloptions">SSLOptions</a></code> directive, the
+first (or only) attribute of any DN is added only under a non-suffixed
+name; i.e. no <code>_0</code> suffixed entries are added.</p>
 
 <p>The format of the <em>*_DN</em> variables has changed in Apache HTTPD
 2.3.11. See the <code>LegacyDNStringFormat</code> option for
diff --git a/docs/manual/mod/mod_ssl.xml b/docs/manual/mod/mod_ssl.xml
index f4ebecaaab..bb2400877e 100644
--- a/docs/manual/mod/mod_ssl.xml
+++ b/docs/manual/mod/mod_ssl.xml
@@ -101,10 +101,18 @@ compatibility variables.</p>
 <code>C,ST,L,O,OU,CN,T,I,G,S,D,UID,Email</code>.  In Apache 2.1 and
 later, <em>x509</em> may also include a numeric <code>_n</code>
 suffix.  If the DN in question contains multiple attributes of the
-same name, this suffix is used as an index to select a particular
-attribute.  For example, where the server certificate subject DN
-included two OU fields, <code>SSL_SERVER_S_DN_OU_0</code> and
-<code>SSL_SERVER_S_DN_OU_1</code> could be used to reference each.</p>
+same name, this suffix is used as a zero-based index to select a
+particular attribute.  For example, where the server certificate
+subject DN included two OU attributes, <code>SSL_SERVER_S_DN_OU_0</code>
+and
+<code>SSL_SERVER_S_DN_OU_1</code> could be used to reference each.  A
+variable name without a <code>_n</code> suffix is equivalent to that
+name with a <code>_0</code> suffix; the first (or only) attribute.
+When the environment table is populated using
+the <code>StdEnvVars</code> option of
+the <directive module="mod_ssl">SSLOptions</directive> directive, the
+first (or only) attribute of any DN is added only under a non-suffixed
+name; i.e. no <code>_0</code> suffixed entries are added.</p>
 
 <p>The format of the <em>*_DN</em> variables has changed in Apache HTTPD
 2.3.11. See the <code>LegacyDNStringFormat</code> option for