httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Naaman Musawwir" <naama...@inbox.lv>
Subject Cert Based Autnentication problem (POST)
Date Wed, 25 Dec 2002 08:10:57 GMT
Hi,

I have configured certificate based authentication for a URL and the related
directive is as follows:

<Location /myapp/strongauth/>
    SSLRequireSSL
    SSLVerifyClient require
    SSLVerifyDepth 1
    SSLOptions +StrictRequire +OptRenegotiate +StdEnvVars +ExportCertData
    SSLCACertificateFile /usr/local/apache/conf/ssl/cacert.pem
</Location>

Authentication works fine, but after that POST submits do not work. I get
the error as follows:

Here are some details:

1. It is the "SSLVerifyClient require" directive that causes the problem. I
tried the access under HTTPS without client side cert auth and also by
changing the directive to "SSLVerifyClient none." The POST works fine under
those conditions. However, once client side cert auth is required, it fails
to work.

2. I tried opening up access for the POST method through use of other
directives like <Limit>, <LimitExcept> and the SSLRequire option with
REQUEST_METHOD. I did not get any better results.

Please help through this problem. Has anyone configured this successfully?

Thanks,
Naaman Musawwir.

Mime
View raw message