Hello!
We have Apache running on FreeBSD 7.2, where among others a SSL virtual
host is defined. One particular subdirectory of this virtual host is
configured to require client certificates, using .htaccess file:
------------------------------------------------
SSLVerifyClient Require
SSLVerifyDepth 3
<FilesMatch "\.(shtml|php)$">
SSLOptions +StdEnvVars +ExportCertData
</FilesMatch>
------------------------------------------------
Do I understand the "NOTE WELL" section of FreeBSD-SA-09:15 correctly that
if I apply the patch then this functionality will no longer work?
The only workaround I can think of is to require client certificates for
the entire vhost, but this is unrealistic to implement. Am I missing any
other options?
--
Toomas Aas
... What are you looking down here for? Read the message!
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
