DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=31314>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=31314 SSLVerifyClient does not request client certificate from browser Summary: SSLVerifyClient does not request client certificate from browser Product: Apache httpd-2.0 Version: 2.0.51 Platform: PC OS/Version: Linux Status: NEW Severity: Major Priority: Other Component: mod_ssl AssignedTo: [email protected] ReportedBy: [EMAIL PROTECTED] SSLVerifyClient does not request the client certificate from browser. I tested 2.0.48, 2.0.50 and 2.0.51 to no avail. The config works properly in v1.3.x my config: Alias /secure/ "/var/www/secure/" <Directory "/var/www/secure"> Options None AllowOverride AuthConfig SSLRequireSSL SSLVerifyClient optional SSLVerifyDepth 2 SSLOptions +FakeBasicAuth +StdEnvVars +CompatEnvVars \ +StrictRequire +OptRenegotiate Order deny,allow Deny from all Allow from 10.0.1.0/24 AuthType Basic AuthUserFile /etc/htpasswd.secure AuthName "Secure Access" require valid-user Satisfy Any </Directory> The premise is to request client certificates if the browser has one. If not, then request HTTP 401 Authorization. In /etc/htpasswd.secure, i have the complete DN of my certificate and the hash of the word 'password' as per the mod_ssl documentation (to satisfy mod_auth when using FakeBasicAuth) --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
