The SSL session is established *before* any HTTP traffic takes place. If the session fails to be set up, the client cannot send any request through to apache, which operates at the HTTP layer. So the server isn't really aware that any request was made and so can't very well generate a response...
I think you'd have to hack into the mod_ssl code to achieve this. Rgds, Owen Boyle >-----Original Message----- >From: Danny Kruitbosch [mailto:[EMAIL PROTECTED]] >Sent: Mittwoch, 28. August 2002 11:00 >To: modssl-users >Subject: Usefull error pages for users > > >Hi, > >I'm trying to figure out the following: > >We're using client certs for authentication and the >authentication works >fine. But when a user connect and isn't able to present his >cert of his >cert is revoked he gets an 'DNS or server error' (IE 5.5/6.0). I would >like to redirect this user to a custom error page saying something >intelligent like: > >"Certificate revoked" >"No certificate presented" >"Unable to verify certificate" > >or server specific errors like: > >CRL expired >Unable to verify certificate > > >How can I set this up? >(Is there a list of specific error codes SSL uses and can I use the >ErrorDocument directive on this. If so where do I find this >list of SSL >error codes) > >Thanks, > >Danny > >______________________________________________________________________ >Apache Interface to OpenSSL (mod_ssl) www.modssl.org >User Support Mailing List [EMAIL PROTECTED] >Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
