--- lighttpd-1.4.19.SSLCLIENT/src/response.c	2008-05-21 16:57:45.000000000 +0200
+++ lighttpd-1.4.19/src/response.c	2008-05-21 16:57:57.000000000 +0200
@@ -124,6 +124,8 @@
 	X509 *xs;
 	X509_NAME *xn;
 	X509_NAME_ENTRY *xe;
+	ASN1_INTEGER *xsn;
+
 	if (
 		SSL_get_verify_result(con->ssl) != X509_V_OK
 		|| !(xs = SSL_get_peer_certificate(con->ssl))
@@ -160,6 +162,36 @@
 		}
 		array_insert_unique(con->environment, (data_unset *)envds);
 	}
+
+/* Also got serial of the certificate */
+	xsn = X509_get_serialNumber(xs);
+	if (xsn)
+	{
+		data_string *envds;
+
+		char * serialHex;
+		BIGNUM *serialBN = NULL;
+
+
+		serialBN = ASN1_INTEGER_to_BN(xsn,NULL);
+		serialHex = BN_bn2hex(serialBN);
+
+                if (NULL == (envds = (data_string *)array_get_unused_element(con->environment, TYPE_STRING))) {
+                        envds = data_string_init();
+                }
+
+		buffer_copy_string_len(envds->key, CONST_STR_LEN("SSL_CLIENT_M_SERIAL"));
+                buffer_copy_string(
+                        envds->value,
+                        serialHex
+                );
+                if (buffer_is_equal(con->conf.ssl_verifyclient_username, envds->key)) {
+                        buffer_copy_string_buffer(con->authed_user, envds->value);
+                }
+                array_insert_unique(con->environment, (data_unset *)envds);
+	}
+
+
 	X509_free(xs);
 }
 #endif