XRD_PELICANX509AUTHPREFIXESFILE: Location of a file specifying the prefixes to use with X.509 authentication.
XRD_PELICANCLIENTCERTFILE: Location of the X.509 client certificate to use.
XRD_PELICANCLIENTCERTKEY: Location of the X.509 client key to use.
When set, the XRD_PELICANX509AUTHPREFIXESFILE is periodically parsed for prefixes (one prefix per line). If an incoming URL matches the prefix, then the connection to the origin will use the specified client certificate for authentication.
I'm not quite sure what's up with your hash issue; however, pulling the hash from the logs was one other approach I was going to suggest.
I have a separate PR that also updates the C++ standard to 20. In my dev environment, I get a warning, not a failure. For simplicity, please just add a one-line commit changing the standard when merging.
This introduces three new environment variables:
XRD_PELICANX509AUTHPREFIXESFILE
: Location of a file specifying the prefixes to use with X.509 authentication.XRD_PELICANCLIENTCERTFILE
: Location of the X.509 client certificate to use.XRD_PELICANCLIENTCERTKEY
: Location of the X.509 client key to use.When set, the
XRD_PELICANX509AUTHPREFIXESFILE
is periodically parsed for prefixes (one prefix per line). If an incoming URL matches the prefix, then the connection to the origin will use the specified client certificate for authentication.