Hi,
I am running Apache 2.0.55 on a Linux From Scratch box.
I am trying to get an entire virtual host to get an entire virtual host to use
client certificates to authenticate, however I can only get it to work on
<Location /> directive (I havent tried <Directory>) which forces a renogiate.
This is fine for things like Firefox which can handle the renogiation, however
I plan on turning this virtual host into a subversion repository and havent
been able to get renogiation to work with the svn client or javasvn (but that
is a whole other problem).
The subversion2.phoenixphire.org-ssl.log verifies that a client certificate
isnt being sent with my configuration. After running some tests with
SSLVerifyClient require in a <Location /> directive I can verify that firefox
does send a client certificat after a renogiation.
Is this a bug? The Apache 2.0 documentation says that this is valid and should
work (The howto on the apache site for this also says this should work).
Cheers,
Phoenix
My virtual host config is as follows:
<VirtualHost *:443>
ServerName subversion2.phoenixphire.org
DocumentRoot /srv/www/subversion2.phoenixphire.org
ErrorLog /var/log/apache/subversion2.phoenixphire.org-error.log
CustomLog /var/log/apache/subversion2.phoenixphire.org-access.log common
CustomLog /var/log/apache/subversion2.phoenixphire.org-ssl.log "%t
%{SSL_CLIENT_I_DN_CN}x %{SSL_CLIENT_S_DN_CN}x"
SSLCACertificateFile /srv/www/ca.crt
SSLVerifyClient require
SSLVerifyDepth 1
SSLOptions +StrictRequire
</VirtualHost>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
