Hi, I've been trying to implement fakebasicauth because I hate having to authenticate on every reload using normal client certificate authentication.
However I can't get it to work on openbsd. I've followed the directions at: http://httpd.apache.org/docs-2.0/ssl/ssl_howto.html and it just won't work - forbidden. So I started troubleshooting the problem using just plain basic auth and it appears that basic auth doesn't like the "/" character. Can someone else verify this or tell me what I am doing wrong? ============== .htaccess ================ SSLVerifyClient require SSLVerifyDepth 1 SSLOptions +FakeBasicAuth SSLRequireSSL AuthName "Snake Oil Authentication" AuthType Basic AuthUserFile .htpasswd require valid-user ============== .htaccess ================ ============== .htpasswd ================ [EMAIL PROTECTED]:xxj31ZMTZzkVA ============== .htpasswd ================ I've tried md5 passwords and the encrypted password that comes out of htpasswd "password" also and nothing works. if I just do basic auth I can only get access using the following configuration - ie remove "/": ============== .htaccess ================ #SSLVerifyClient require #SSLVerifyDepth 1 #SSLOptions +FakeBasicAuth #SSLRequireSSL AuthName "Snake Oil Authentication" AuthType Basic AuthUserFile .htpasswd require valid-user ============== .htaccess ================ ============== .htpasswd ================ [EMAIL PROTECTED]:KI5eE8rTJvs.U # where KI5eE8rTJvs.U is the encrypted htpasswd output of "password" ============== .htpasswd ================ ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
