Well, I tried the following : acl USER-ok CN surname.name acl USER-ko CN ko1.ko1 http_access allow USER-ok http_access deny USER-ko
Both user can still browse. Anything i forgot ? > -----Message d'origine----- > De : Henrik Nordstrom [mailto:[EMAIL PROTECTED] > Envoy� : vendredi 3 septembre 2004 17:17 > � : Fauquet, Xavier > Cc : 'Henrik Nordstrom'; '[EMAIL PROTECTED]' > Objet : RE: [squid-users] Trying too use user_cert acl with > SQUID 2.5 + > S SL patch > > > On Fri, 3 Sep 2004, Fauquet, Xavier wrote: > > > Henrik, > > > > > > Here is the line for https_port : > > https_port 5000 cert=/usr:local/squid/etc:key.crt > > key=/usr:local/squid:etc:key.pem > clientca=/usr/local/squid/etc/ca.crt > > Ok (assuming : is really / ?) > > > The subject of the certificate is something like : CN=surname.name > > [EMAIL PROTECTED] > > Then you should be able to use > > acl USER-ok CN surname.name > > or > > acl USER-ok E [EMAIL PROTECTED] > > or > > acl USER-OK DN CN=surname.name,[EMAIL PROTECTED] > > > DN or DistinguishedName is an exact match to the subject > > Regards > Henrik >
