httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Graham Leggett <>
Subject Re: FakeBasicAuth - a howto anywhere?
Date Thu, 27 Jan 2005 20:36:36 GMT
Mads Toftum wrote:

> Just checking - do you have SSLVerifyClient require somewhere else?
> SSLRequire %{SSL_CLIENT_VERIFY} eq "SUCCESS" doesn't really add much
> (unless you've only got optional with SSLVerifyClient)

I do - in the virtual host the cert is optional, in the protected URL 
space clients get "forbidden" if no cert is available. Works really well.

In contrast, SSLVerifyCert require throws a weird client error (a 
dreaded numeric code) on Firefox when the cert was missing, and IE gave 
it's usual wordy message about some vague problem with the client cert. 
It seems in the world of browsers, "optional" is handled much better.


View raw message