https://issues.apache.org/bugzilla/show_bug.cgi?id=49037
--- Comment #4 from Paul Donohue <[email protected]> 2010-04-14 11:47:36 EDT --- As I mentioned on bug #47492, I don't think this patch is necessary, as 'optional_no_ca' always asks for a client certificate too. The only difference between this required_no_ca and the existing optional_no_ca is that required_no_ca will automatically disconnect the client if a certificate is not provided, while optional_no_ca will accept the connection if a certificate is not provided, and the application must disconnect the client itself if a certificate is needed (but this should be trivial if you are already doing your own validation). Regardless, I've attached a separate patch to bug #45922 which includes updated documentation for the SSLVerifyClient directive that should help clear up some of the confusion. (I've run into a number of people who believe that 'optional' and require' cause Apache to ask for the cert differently, when in fact the only difference is that 'require' will automatically give up and disconnect if it doesn't get a certificate back after it asks for one). -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
