I have setup my apache+mod_ssl (for the first time), created my own ca
and server certs.
Now I want to grant access to a specific tree of my webserver only to
those clients, which have a cert from my ca.
I thought
<Directory /web/securearea>
SSLVerifyClient require
SSLVerifyDepth 1
</Directory>
would do the job, created a client cert and imported into a browser.
Using this cert I can access the protected area of my server.
Unfortunately I am requested for a certificate for every
subsequent access to that area. This is something, which I think is not
very userfriendly.
Is there a more userfriendly way to deal with this situation?
Thanks
Norbert Wegener
--
Norbert Wegener Fax : (49) 201 2661 377
SBS Essen Phone:(49) 201 2661 379
Germany Mail: [EMAIL PROTECTED]
http://relax.sbs.de (intranet)
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
