Hello,
According to the documentation SSLVerifyClient can be used in a
directory context.
But I noticed that it is completely ignored (it always asks for a
user/password, no matter, if I have the client cert installed or not).
Here are the config directives (ignore the external provider):
<Directory "/dir_here">
Options Indexes FollowSymLinks
SSLVerifyClient optional
SSLVerifyDepth 2
AuthType Basic
AuthName "Restricted Section server"
AuthBasicProvider ibmdb2
AuthIBMDB2User user
AuthIBMDB2Password password
AuthIBMDB2Database dbname
AuthIBMDB2UserProc mod_authnz.getpassword
AuthIBMDB2GroupProc mod_authnz.getgroups
<RequireAny>
Include /etc/httpd/extra/file_with_require_expr.conf
Require user my_user
</RequireAny>
</Directory>
Please note that it works perfectly, if I create a virtual host and move
the following out of the directory section and put it in the virtual
host context:
SSLVerifyClient optional
SSLVerifyDepth 2
So either I am mnissing something, or the documention is wrong, or
there's a bug somewhere.
Can someone please shed some light on this?
Cheers,
K. C.
--
regards Helmut K. C. Tessarek
lookup http://sks.pkqs.net for KeyID 0xC11F128D
/*
Thou shalt not follow the NULL pointer for chaos and madness
await thee at its end.
*/
