Environment variables on HTTP Server
In the IBM HTTP Server for i5/OS, environment variables are supported.
Information for this topic supports the latest PTF levels for HTTP Server for iSeries . IBM recommends that you install the latest PTFs to upgrade to the latest level of the HTTP Server for i5/OS. Some of the topics documented here are not available prior to this update. See IBM Service for more information.
The supported environment variables for HTTP Server are listed here. The environment variables have been divided into two groups: Non-SSL and SSL.
You can provide secure Web serving when you run HTTP traffic over the SSL protocol. To use SSL, your server must have a digital certificate. This is how a retail company on the Internet allows users to look through the merchandise without security. These same users then fill out order forms and send their credit card numbers by using SSL. A browser that does not support HTTPS cannot request URLs by using HTTP over SSL. The Non-SSL browsers will not allow the submission of forms that need secure submission.
Not all environment variables are supported by both HTTP Server types. Make sure to check that the environment variable is supported by your HTTP Server type.
All headers sent by the client (such as Set-Cookie) are prefixed by "HTTP_", and their value can be extracted. To access variables that are headers, prefix the variable name with "HTTP_". You can also create new variables using the HTTP_set() predefined function.
Variable Name Type Description AUTH_TYPE Non-SSL If the server supports client authentication and the script is a protected script, this environment variable contains the method that is used to authenticate the client.
Example: Cert_Or_Basic
CGI_ASCII_CCSID Non-SSL Contains the ASCII CCSID the server used when converting CGI input data. If the server did not perform any conversion, (for Example, in %%BINARY%% mode), the server sets this value to the DefaultNetCCSID configuration directive value.
Example: 819
CGI_EBCDIC_CCSID Non-SSL Contains the EBCDIC CCSID under which the current CGI job is running (DefaultFsCCSID or CGIJobCCSID configuration directive). It also represents the job CCSID that is used during server conversion (if any) of CGI input data.
Example: 37
CGI_JOB_LOCALE Non-SSL Allows a locale to be set globally or for a specific CGI job. After the locale is set, country specific information such as date or time format can be accessed. Some ILE C/C++ run-time functions such as ctime() and localtime() are locale sensitive. Example: CGIJobLocale /QSYS.LIB/LOCALELIB.LIB/EN_US.LOCALE
CGI_MODE Non-SSL Contains the CGI conversion mode the server is using for this request. The program can use this information to determine what conversion, if any, was performed by the server on CGI input data and what format that data is currently in.
Example: EBCDIC
CGI_OUTPUT_MODE Non-SSL Determines which output conversion mode the server is using.
Example: EBCDIC
CONTENT_LENGTH Non-SSL When the method of POST is used to send information, this variable contains the number of characters. Servers typically do not send an end-of-file flag when they forward the information by using stdin. If needed, you can use the CONTENT_LENGTH value to determine the end of the input string.
Example: 7034
CONTENT_TYPE Non-SSL When information is sent with the method of POST, this variable contains the type of data included. You can create your own content type in the server configuration file and map it to a viewer.
Example: Application/x-www-form-urlencoded
DATE_GMT Non-SSL The current date and time in Greenwich Mean Time.
Example: 2000/12/31:03:15:20
DATE_LOCAL Non-SSL The current date and time in the local time zone.
Example: 2000/08/14:15:40:10
DOCUMENT_NAME Non-SSL The file name of the document requested by the user.
Example: /www/myserver/htdocs/html/hello.html
DOCUMENT_PATH_ INFO Non-SSL Contains the additional path information as sent by the Web browser for SSI.
Example: /wizard
DOCUMENT_ROOT Non-SSL Sets the directory from which the HTTP Server will serve files. The server appends the path from the requested URL to the document root and makes the path to the document.
Example: /www/myserver/htdocs
DOCUMENT_URI Non-SSL The URI of the document requested by the user.
Example: /html/hello.html
The DOCUMENT_URI and DOCUMENT_URL environment variables are identical
DOCUMENT_URL Non-SSL The URL of the document requested by the user.
Example: /html/hello.html
The DOCUMENT_URI and DOCUMENT_URL environment variables are identical.
FSCP Non-SSL The EBCDIC CCSID used to translate the data.
Example: 37
GATEWAY_ INTERFACE Non-SSL Contains the version of CGI that the server is using.
Example: CGI/1.1
HTTP_ACCEPT Non-SSL Contains the list of MIME types the browser accepts.
Example: image/gif,image/x-xbitmap,image/jpeg,image/pjeg,image/pgn,*/*
The header lines received from the client, if any, are placed into the environment variable with the prefix HTTP_* followed by the header name. The header returns the environment variable.
HTTP_ACCEPT_CHARSET Non-SSL Contains the list of character sets the browser accepts.
Example: iso-8859-1,*,utf-8
The header lines received from the client, if any, are placed into the environment variable with the prefix HTTP_* followed by the header name. The header returns the environment variable.
HTTP_ACCEPT_ENCODING Non-SSL Contains the list of encoding protocols the browser accepts. Example: gzip
The header lines received from the client, if any, are placed into the environment variable with the prefix HTTP_* followed by the header name. The header returna the environment variable.
HTTP_ACCEPT_ LANGUAGE Non-SSL Contains the list of languages the browser accepts.
Example: de,fr,en
The header lines received from the client, if any, are placed into the environment variable with the prefix HTTP_* followed by the header name. The header will return the environment variable.
HTTP_CONNECTION Non-SSL The header lines received from the client, if any, are placed into the environment variable with the prefix HTTP_* followed by the header name. The header returns to the environment variable.
Example: Keep-Alive
HTTP_COOKIE Non-SSL User defined cookie for the response.
Example: w3ibmTest=true
HTTP_HOST Non-SSL Contains the HTTP host URL.
Example: IBM®.COM
The header lines received from the client, if any, are placed into the environment variable with the prefix HTTP_* followed by the header name. The header returns the environment variable.
HTTP_USER_AGENT Non-SSL Contains the name of your browser (web client). It includes the name and version of the browser, requests that are made through a proxy, and other information.
Example: Mozilla/4.72 [en ](WinNT;U)
The header lines received from the client, if any, are placed into the environment variable with the prefix HTTP_* followed by the header name. The header returns the environment variable.
IBM_CCSID_VALUE Non-SSL The CCSID under which the current server job is running.
Example: 37
NETCP Non-SSL The default ASCII CCSID used to translate the data.
Example: 819
PATH_INFO Non-SSL Contains the additional path information as sent by the web browser.
Example: /wizard
PATH_TRANSLATED Non-SSL Contains the decoded or translated version of the path information that is contained in PATH_INFO, which takes the path and does any virtual-to-physical mapping to it.
Example: /wwwhome/wizard
QIBM_CGI_ LIBRARY_LIST Non-SSL This variable is used to set the CGI jobs' library list. The variable can be set using the SetEnv directive. See the SetEnv directive for more information.
QUERY_STRING Non-SSL When information is sent using a method of GET, this variable contains the information in a query that follows the "?". The string is coded in the standard URL format of changing spaces to "+" and encoding special characters with "%xx" hexadecimal encoding. The CGI program must decode this information.
Example: NAME=Eugene+T%2E+Fox=etfox%7Cibm.net=xyz
The supported maximum size of QUERY_STRING is 8K for HTTP Server (powered by Apache).
QZHBHA_MODEL Non-SSL Model of the highly available Web server.
Example: PRIMARYBACKUP
QZHBIS_FIRST_REQUEST Non-SSL This environment variable indicates to a CGI program if this is a subsequent request of some session. The Web server sets this variable to 1 if this is not a subsequent request of any session (this is potentially the first request of a new session). The Web server sets this variable to 0 if this is a subsequent request of some session.
Example: 0
QZHBIS_CLUSTER_ ENABLED Variable broken for display purposes only.
Non-SSL This environment variable indicates to the CGI program that the CGI program is allowed to be cluster-enabled if the request does not belong to any existing session (QZHBIS_FIRST_REQUEST is set to 1). This environment variable indicates to the CGI program that the CGI program is cluster-enabled (QZHBIS_FIRST_REQUEST set to "0"). When the Web server receives a first request to a CGI, it decides if the CGI program is allowed to be cluster-enabled. If the CGI program is allowed to be cluster-enabled, the Web server sets the QZHBIS_CLUSTER_ENABLED environment variable to 1; otherwise the Web server does not define the QZHBIS_CLUSTER_ENABLED environment variable. When the Web server receives a subsequent request to a CGI, it looks to see if the session is cluster-enabled. If the session is cluster-enabled, the Web server sets the QZHBIS_CLUSTER_ENABLED environment variable to 1; otherwise the Web server does not define the QZHBIS_CLUSTER_ENABLED environment variable.
Example: 1
QZHBNEXT_SESSION_HANDLE Non-SSL This environment variable contains a new session handle for a CGI program to use. If the CGI program is cluster-disabled, it may ignore this session handle. The Web server generates a session handle and sets the QZHBNEXT_SESSION_HANDLE environment variable to this value. If the CGI program decides to be cluster-enabled, it must use the passed session handle in the URLs of subsequent requests; otherwise, the Web server will not associate subsequent requests with this session.
Example: 8B739003AB741824899F0004AC009021
QZHBRECOVERY Non-SSL Contains whether the highly available Web server has gone through a recovery (primary to backup or backup to primary). If this environment variable is present, recovery has occurred. If it is not present, then recovery has not occurred REDIRECT_QUERY_ STRING Non-SSL Contains QUERY_STRING from a re-directed request.
Example: NAME=Eugene+T%2E+Fox=etfox%7Cibm.net=xyz
REDIRECT_QUERY_ URL Non-SSL This environment variable is used in the primary/backup models only. This environment variable is used to indicate to a cluster-enabled CGI program that it should perform a recovery operation (for example, restore its state). The Web server passes a session handle to the CGI program through the QZHBRECOVERY environment variable. The Web server passes the CGI's state to the CGI program. If there is no recovery, this environment variable is undefined. In the primary/backup model, the high availability CGI is also treated as a persistent CGI. The high availability CGI state information can also be retained in the CGI job. The next request for the next step in the CGI is automatically run in the same job. Therefore, the CGI program can skip reading its state unless this environment variable is defined.
Example: 4D868803AB731824899F0004AC009021
REFERER Non-SSL Contains the referrer.
Example: http://www.myserver.com/cgi-bin/
HTTP_REFERER Non-SSL Contains the referrer.
Example: http://www.myserver.com/cgi-bin/
REFERER_URL Non-SSL Contains the referrer URL.
Example: http://WWW.MYSERVER.COM:8080/perlSetEnv/
REMOTE_ADDR Non-SSL Contains the IP address of the remote host (web browser) that is making the request, if available.
Example: 10.10.2.3
REMOTE_PORT Non-SSL Contains the remote user port number.
Example: 3630
REMOTE_IDENT Non-SSL Contains the user ID of the remote user.
Example: MyIdentityx
REMOTE_USER Non-SSL If you have a protected script and the server supports client authentication, this environment variable contains the user name that is passed for authentication.
Example: SMITH
REQUEST_METHOD Non-SSL Contains the method (as specified with the METHOD attribute in an HTML form) that is used to send the request.
Example: GET
REQUEST_URI Non-SSL Specifies URI to be requested.
Example: /cgi-bin/hello.pgm
RULE_FILE Non-SSL Specifies rule file to be used.
Example: /www/myserver/conf/httpd.conf
SCRIPT_FILENAME Non-SSL The file name of the document requested by the user.
Example: /QSYS.LIB/CGI.LIB/HELLO.PGM
SCRIPT_NAME Non-SSL A virtual path to the program being run. Use this for self-referring URLs.
Example: /cgi-bin/hello.pgm
SERVER_ADDR Non-SSL Contains the address of the server.
Example: 10.10.2.3
SERVER_ADMIN Non-SSL Contains information about the server administrator.
Example: [no address given ]
SERVER_NAME Non-SSL Contains the server host name or IP address of the server.
Example: 10.9.8.7
SERVER_PORT Non-SSL Contains the port number to which the client request was sent.
Example: 2001
SERVER_PROTOCOL Non-SSL Contains the name and version of the information protocol that is used to make the request.
Example: HTTP/1.0
SERVER_SIGNATURE Non-SSL Allows configuration of a trailing footer line under server generated documents like error messages, mod_proxy ftp directory listings, and mod_info output. Enabling the footer line allows the user to tell which chained servers in a proxy chain produced a returned error message.
Example: On
SERVER_SOFTWARE Non-SSL Contains the name and version of the information server software that is answering the request.
Example: IBM-HTTP-SERVER/1.0
SSI_DIR Non-SSL The path of the current file relative to SSI_ROOT. If the current file is in SSI_ROOT, this value is "/".
Example: ssi_child_dir/
SSI_FILE Non-SSL The file name of the current file.
Example: ssi_parent.shtml
SSI_INCLUDE Non-SSL The value that is used in the include command that retrieved this file. This is not defined for the topmost file.
Example: ssi_child_dir/ssi_child.shtml
SSI_PARENT Non-SSL The path and file name of the include, relative to SSI_ROOT.
Example: ssi_parent.shtml
SSI_ROOT Non-SSL The path of the topmost file. All include requests must be in this directory or a child of this directory.
Example: #echo var=SSI_DIR ->
You can use echo to display a value set by the set or global directives.
UNIQUE_ID Non-SSL Provides a unique magic token and acts as the identifier across all requests under very specific conditions.
Example: aK8YOAkFBZkAABsuEC4AAACB
HTTPS SSL Returns ON if the system has completed an SSL handshake. It returns OFF if the exchange of signals to set up communications between two modems has failed.
Example: OFF
HTTPS_CIPHER SSL This is the cipher that is used to negotiate with the client on the SSL handshake.
Example: SSL_RSA_WITH_RC4_128_MD5
HTTPS_CLIENT_ CERT SSL The entire certificate passed to the server from the client browser when SSL client authentication is enabled. The format of the certificate is a BASE64 encoded string that represents the DER format of the X.509 certificate. As an environment variable the BASE64 encoded string has been converted to EBCDIC and must be converted back to ASCII before it can be used for typical digital certificate API's.
Example: MIIC0DCCAbigAwIBAgIHOL2Yx...
HTTPS_CLIENT_ CERT_COMMON _NAME SSL The common name from the client certificate's distinguished name.
Example: SMITH
HTTPS_CLIENT_ CERT_COUNTRY SSL The country code from the client certificate's distinguished name.
Example: US
HTTPS_CLIENT_ CERT_DN SSL The client certificate's distinguished name.
Example: :cn=CAPTAIN,ou=downtown,o=fire fighters,l=Minot,st=North Dakota,c=US
HTTPS_CLIENT_ CERT_EMAIL SSL The email of the client owning the certificate.
Example: me@mycompany.com
HTTPS_CLIENT_ CERT_ISSUER_ COMMON_NAME SSL The common came of the certificate authority that issued the client's certificate.
Example: SMITH
HTTPS_CLIENT_ CERT_ISSUER_ COUNTRY SSL The country code of the certificate authority that issued the client's certificate.
Example: US
HTTPS_CLIENT_ CERT_ISSUER_DN SSL The distinguished name of the certificate authority that issued the client's certificate.
Example: :cn=testsystem.ibm.com CA,ou=Test Organization Unit,o=System test, l=Rochester,st=Minnesota,c=US
HTTPS_CLIENT_ CERT_ISSUER_EMAIL SSL The e-mail address of the certificate authority that issued the client's certificate.
Example: me@mydomain.net
HTTPS_CLIENT_ CERT_ISSUER_ LOCALITY SSL The locality or city of the certificate authority that issued the client's certificate.
Example: New York
HTTPS_CLIENT_ CERT_ISSUER_ORG_ UNIT SSL The organizational unit of the certificate authority that issued the client's certificate.
Example: bird watchers
HTTPS_CLIENT_ CERT_ISSUER_ ORGANIZATION SSL The organization name of the certificate authority that issued the client's certificate.
Example: dove
HTTPS_CLIENT_ CERT_ISSUER_ POSTAL_CODE SSL The postal code of the certificate authority that issued the client's certificate.
Example: 12344-6789
HTTPS_CLIENT_ CERT_ISSUER_STATE_ OR_PROVINCE SSL The state or province of the certificate authority that issued the client's certificate.
Example: North Dakota
HTTPS_CLIENT_ CERT_LEN SSL The length of the certificate passed in HTTPS_CLIENT_CERT.
Example: 968
HTTPS_CLIENT_ CERT_LOCALITY SSL The locality or city of the client certificate's distinguished name.
Example: New York
HTTPS_CLIENT_ CERT_ORG_UNIT SSL The organization unit name from the client certificate's distinguished name.
Example: Pack234
HTTPS_CLIENT_ CERT_ ORGANIZATION SSL The organization name from the client certificate's distinguished name.
Example: Scouts
HTTPS_CLIENT_ CERT_POSTAL_CODE SSL The postal code assigned by the issueing certificate authority.
Example: 80525
HTTPS_CLIENT_ CERT_SERIAL_NUM SSL The serial number assigned by the issuing certificate authority.
Example: 3F:E4:83:81:02:D5:58
HTTPS_CLIENT_ CERT_STATE_OR_ PROVINCE SSL The state or province from the client certificate's distinguished name.
Example: Alberta
HTTPS_CLIENT_ ISSUER_EMAIL SSL Contains the email address of the Certificate Authority that issued the certificate.
Example: jones@mydomain.net
HTTPS_KEYSIZE SSL If a valid security product is installed and the SSLMode directive is SSLMode=ON, this will be set to the size of the bulk encryption key used in the SSL session.
Example: [ 128 ]
HTTPS_SESSION_ID SSL Set to NULL by default when used with HTTP Server (powered by Apache). HTTPS_SESSION_ ID_NEW SSL If the value is TRUE, it indicates that a full handshake was performed for this SSL session. If the value is FALSE, it indicates that an abbreviated handshake was performed for this SSL session.
Example: True
SSL_CIPHER SSL This is the cipher that is used to negotiate with the client on the SSL handshake.
Example: SSL_RSA_WITH_RC4_128_MD5
SSL_CLIENT_C SSL The country code from the client certificate's distinguished name.
Example: USA
SSL_CLIENT_ CERTBODY SSL The entire certificate passed to the server from the client browser when SSL Client authentication is enabled. The format of the certificate is a BASE64 encoded string that represents the DER format of the X.509 certificate. As an environment variable the BASE64 encoded string has been converted to EBCDIC and must be converted back to ASCII before it can be used for typical digital certificate API's.
Example: MIIC0DCC big IB gIHOL2Yx...
SSL_CLIENT_ CERTBODYLEN SSL The length of the certificate passed in SSL_CLIENT_CERT.
Example: 828
SSL_CLIENT_ CERT_EMAIL SSL The email of the client owning the certificate.
Example: me@mycompany.com
SSL_CLIENT_CN SSL The common name from the client certificate's distinguished name.
Example: SMITH
SSL_CLIENT_DN SSL The client's distinguished name.
Example: :cn=CAPTAIN,ou=downtown,o=fire fighters,l=Minot,st=North Dakota,c=US HTTPS_CLIENT_CERT_DN :cn=CAPTAIN,ou=downtown,o=fire fighters,l=Minot,st=North Dakota,c=US
SSL_CLIENT_ICN SSL The common name of the certificate authority that issued the client's certificate.
Example: SMITH
SSL_CLIENT_IC SSL The country code of the certificate authority that issued the client's certificate.
Example: CA
SSL_CLIENT_IDN SSL The distinguished name of the certificate authority that issued the client's certificate.
Example: :cn=testsystem.ibm.com CA,ou=Test Organization Unit,o=System test, l=Rochester,st=Minnesota,c=US
SSL_CLIENT_EMAIL SSL The e-mail of the certificate authority that issued the client's certificate.
Example: me@mycompany.com
SSL_CLIENT_IL SSL The locality of the certificate authority that issued the client's certificate.
Example: New York
SSL_CLIENT_IO SSL The organization name of the certificate authority that issued the client's certificate.
Example: bird watchers
SSL_CLIENT_IOU SSL The organizational unit of the certificate authority that issued the client's certificate.
Example: bird watchers
SSL_CLIENT_IPC SSL The postal code of the certificate authority that issued the client's certificate.
Example: 55901
SSL_CLIENT_IST SSL The state or province of the certificate authority that issued the client's certificate.
Example: MNA
SSL_CLIENT_L SSL The locality or city of the client certificate's distinguished name.
Example: New York
SSL_CLIENT_ NEWSESSIONID SSL If the value is TRUE, it indicates that a full handshake was performed for this SSL session. If the value is FALSE, it indicates that an abbreviated handshake was performed for this SSL session.
Example: True
SSL_CLIENT_O SSL The organization name from the client certificate's distinguished name.
Example: bird watchers
SSL_CLIENT_OU SSL The organizational unit name from the client certificate's distinguished name.
Example: bird watchers
SSL_CLIENT_PC SSL The postal code from the client certificate's distinguished name.
Example: 58401
SSL_CLIENT_ SERIALNUM SSL The serial number assigned by the issuing certificate authority.
Example: 3F:E4:83:81:02:D5:58
SSL_CLIENT_ SESSIONID SSL If the value is TRUE, it indicates that a full handshake was performed for this SSL session. If the value is FALSE, it indicates that an abbreviated handshake was performed for this SSL session.
Example: True
SSL_CLIENT_ST SSL The state or province from the client certificate's distinguished name.
Example: North Dakota
SSL_PROTOCOL_ VERSION SSL The SSL protocol version negotiated on the SSL handshake with the client.
Example: SSLV3
SSL_SERVER_C SSL The country where the server is located in.
Example: Denmark
SSL_SERVER_CN SSL The common name from the server certificate's distinguished name.
Example: WWW.MYDOMAIN.COM
SSL_SERVER_DN SSL The server's distinguished name.
Example: :cn=TESTSYSTEM.IBM.COM,ou=MyTestOrganizationUnit, o=Software test, l=Rochester,st=Minnesota,c=US
SSL_SERVER_EMAIL SSL The e-mail address of the server certificate.
Example: me@mydomain.net
SSL_SERVER_L SSL The locality of the server certificate's distinguished name.
Example: New York
SSL_SERVER_OU SSL The organization unit name from the server certificate's distinguished name.
Example: bird watchers
SSL_SERVER_O SSL The organization name from the server certificate's distinguished name.
Example: bird watchers
SSL_SERVER_ST SSL The state or province from the server certificate's distinguished name.
Example: North Dakota
HTTP_AS_ AUTH_PROFILETKN SSL and Non-SSL A 32-bit value used to identify or authenticate the user. See the ProfileToken directive for more information.
Parent topic:
Reference documentation for HTTP Server