Add $ssl_client_s_dn_cn for nginx config template

certidude/templates/nginx-https-site.conf

@@ -17,5 +17,13 @@ server {
     ssl_client_certificate {{authority_path}};
     ssl_crl {{revocations_path}};
     ssl_verify_client {{verify_client}};
+
+    location ~ \.php$ {
+        fastcgi_split_path_info ^(.+\.php)(/.+)$;
+        fastcgi_pass unix:/run/php5-fpm.sock;
+        fastcgi_index index.php;
+        fastcgi_param REMOTE_USER $ssl_client_s_dn_cn;
+        include fastcgi_params;
+    }
 }
 

certidude/templates/nginx-tls.conf

@@ -4,3 +4,9 @@ ssl_session_cache shared:SSL:10m;
 ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
 ssl_dhparam {{dhparam_path}};
 
+# Add SSLUserName SSL_CLIENT_S_DN_CN style parameter support
+map $ssl_client_s_dn  $ssl_client_s_dn_cn {
+    default           "";
+    ~/CN=(?<CN>[^/]+) $CN;
+}
+