Environment cookies related to client certificates

Cookie Name	Description	Example Value (decoded)
`AL_ENV_SSL_CLIENT_CERT`	The client certificate in PEM format, containing newlines (`\n`).	`-----BEGIN CERTIFICATE-----<...>4B==`
`AL_ENV_SSL_CLIENT_I_DN`	The client certificate issuer distinguished name^*.	`CN=CA,OU=CertDepartment,O=TrustMe<...>`
`AL_ENV_SSL_CLIENT_M_SERIAL`	The serial number of the client certificate.	`518`
`AL_ENV_SSL_CLIENT_M_VERSION`	The version number of the client certificate.	`1`
`AL_ENV_SSL_CLIENT_S_DN`	The client certificate subject distinguished name^*. The cookie uses the `%SSL_CLIENT_S_DN%` rewrite variable value.	`CN=Bob,OU=Airlock,O=Ergon<...>`
`AL_ENV_SSL_CLIENT_V_START`	The client certificate validity start date.	`Oct 16 11:48:41 2013 GMT`
`AL_ENV_SSL_CLIENT_V_END`	The client certificate validity end date.	`Oct 29 05:20:25 2016 GMT`

The DN format used in the cookies AL_ENV_SSL_CLIENT_S_DN. The format supports non-ASCII characters and escapes special characters with backslashes.

The legacy format of Airlock Gateway releases before 5.0 can be enabled using Apache expert settings as follows:
SSLOptions +LegacyDNStringFormat

This option applies to all contexts – globally, virtual hosts, and mappings. For more details on Apache SSLOptions, consult the Apache Manual.