Web Server Management: Securing Access to Web Servers
Prev	Chapter 4. Configuring Apache to support TLS	Next

4.6. Logging

We can enable additional logging to see what is actually happening in HTTPS transactions, in addition to the normal Apache request and error logs.

 CustomLog /var/log/apache2/www-ssl.log \
         "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

This uses Apache's normal CustomLog directive to record information relevant to HTTPS for each connections.

%t: Date and time
%h: Remote host
%{SSL_PROTOCOL}x: SSL Protocol in use
%{SSL_CIPHER}x: SSL Cipher in use
\"%r\": First line of request
%b: Bytes sent

Note that you will need to make some arrangement to rotate these newly-defined additional log files, probably by extending whatever system you use for existing webserver logs. Otherwise they will grow indefinitely.

Prev	Home	Next
Working around browser bugs	Up	Doing HTTP and HTTPS for the same hostname