In this thread: http://marc.theaimsgroup.com/?l=apache-modssl&m=94967065100671&w=2
It says to allow either client cert or basic auth is not feasible, but it was 2 years ago, is this still the case? The author of the originating message says he got it working but there were some holes, in my case I am prompted for a password even with a client cert. Also under the assumption that to allow either or I'd need to use SSLVerifyClient optional. If it is still an issue, is there some other way to allow either form of authentication? I know I could setup 2 locations, but I'd like the authentication to be transaprent ie; one URL for all. PS> Please (b)cc me as this address is not subscribed -- H4sICNoBwDoAA3NpZwA9jbsNwDAIRHumuC4NklvXTOD0KSJEnwU8fHz4Q8M9i3sGzkS7BBrm OkCTwsycb4S3DloZuMIYeXpLFqw5LaMhXC2ymhreVXNWMw9YGuAYdfmAbwomoPSyFJuFn2x8 Opr8bBBidccAAAA= -- MOTD on Sweetmorn, the 51st of Chaos, in the YOLD 3168: "Dear Lord, give me chastity and self-restraint... but not yet, O Lord, not yet!" -Saint Auguistine A.D. 354-430 ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
