Yes, I did mean to have that included. -thanks.
# SSL Engine Switch:
SSLEngine on
# Server Certificate:
SSLCertificateFile /etc/apache2/ssl/.....
# Server Private Key:
SSLCertificateKeyFile /etc/apache2/ssl/.....
# Certificate Authority (CA):
SSLCACertificateFile /etc/apache2/ssl/....
# Force X.509 certificates to be used for this location
<Location ~ "/protected-location">
Allow from all
Order allow,deny
SSLVerifyClient optional
SSLVerifyDepth 1
SSLOptions +StdEnvVars +ExportCertData +OptRenegotiate
</Location>
# SSL Protocol Adjustments:
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-
shutdown downgrade-1.0 force-response-1.0
I've tried commenting out the <Location> and placing the SSL
directives at the VirtualHost level, this seems to work fine, but I
can't have VerifyClient across the entire site due to complaints from
users about Certificate challenges in I.E. etc.
thanks again,
Mark
On Jan 18, 2007, at 9:10 PM, Dave Paris wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Mark,
a) you never added the contents of your <Location> directive (i.e.
"with
the following <Location> directives..")
b) you don't specify *why* you need these, particularly given that
you're using IP-based virtual hosts. (i.e. "(which we really need)")
Without this information, it's impossible to answer your question
and I
highly suspect that your solution lies with a minor reconfiguration.
Kind Regards,
- -dsp
Mark Diggory wrote:
Hello,
I've been doing my research and can't find a solution for this
issue, we
have IP based virtual hosts with the following <Location> directives
(which we really need) and are getting the 405 Post not allowed
error.
The issue does not seem to be addressed again for 3 years now. Is
there
a solution to this?
http://marc.theaimsgroup.com/?l=apache-modssl&m=104857625910336&w=2
Here is my current configuration:
Gentoo: 1.12.6
mod_ssl: 2.8.25-r10
apache: 2.0.58-r2
mod_jk: 1.2.19
tomcat: 5.5.20-r7
Thanks in advance for any advice,
Mark R. Diggory
~~~~~~~~~~~~~
DSpace Systems Manager
MIT Libraries, Systems and Technology Services
Massachusetts Institute of Technology
_____________________________________________________________________
_
Apache Interface to OpenSSL (mod_ssl)
www.modssl.org
User Support Mailing List modssl-
[EMAIL PROTECTED]
Automated List Manager
[EMAIL PROTECTED]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)
iD8DBQFFsCiIKmNPF3QynfQRAomwAJ4pPBcfzWeeD93Q+YedPX8YV6ARMACfW4EZ
7277LvxtQRhQC8QzxBrE6h8=
=Eqmr
-----END PGP SIGNATURE-----
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager [EMAIL PROTECTED]
Mark R. Diggory
~~~~~~~~~~~~~
DSpace Systems Manager
MIT Libraries, Systems and Technology Services
Massachusetts Institute of Technology
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager [EMAIL PROTECTED]
