Hi all, I've performed client authentication for a while as followed:
Top level virtual host root:
/companysecure
(SSLRequire a certificate with company valid DN)
Subdirectories:
/companysecure/sub1
/companysecure/sub2
(SSLRequire a certificate with more restrictive requirements on the
sertificate (OU, Email, crls etc..))
And now I want to configure an additional acces to /companysecure/externalothersfor people not belonging to our company (and not having a certificate from our company), but I want to check their certificate to give them or refuse access to this directory as I did before outside the /companysecure/ tree.
The probleme is they dont show a valid company certificate (as required by SSLRequire on /companysecure top level directory), and acces is imediately refused as the first SSLRequire does not match at top level.
I would like to override the top level requirement in the subdirectory /companysecure/externalothers and keep the global protection at the top level /companysecure .
I cannot find the way to override the global SSLRequire authentication in a subdirectory.
Is it possible to achieve this goal with apache 2.0.X ? Is there a way to circumvent or trick the problem ?
-- Vincent Régnard TBS-internet.com
smime.p7s
Description: S/MIME Cryptographic Signature
