There's no code at all. HTTP connection is not even established. I don't
think it can be easily solved. You have to ALLOW connections from
clients without valid certificate in order to send them your custom
message, and resulting reduction of security probably does not worth it.
--
With Best Regards,
Marat Khalili
On 11/05/16 15:28, Tom Browder wrote:
On Wed, May 11, 2016 at 7:19 AM, Tom Browder <tom.brow...@gmail.com> wrote:
I am running Apache 2.4.18 and have one site (https://usafa-1965.org)
that requires a client certificate to access a restricted directory
("Classmates
Only"). How can I return a friendlier message than, e.g., Chrome
emits when a user without a valid certificate attempts to access the
restricted directory?
...
I think I can do something like this:
<Directory ~ ".*/restricted">
SSLOptions +StrictRequire
SSLVerifyClient require
# do NOT allow dir listings
Options -Indexes
# error 403 is "Forbidden"
ErrorDocument 403 "Sorry, you must have a valid client
certificate.\nContact your CS Rep to get one."
</Directory>
That doesn't work, so maybe I have the wrong error code. How can I
see what error code is actually being returned?
-Tom
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
