httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Risacher <mag...@alum.mit.edu>
Subject asking mod_ssl for client certificates from another module
Date Tue, 02 Aug 2005 16:24:19 GMT

I've been trying to figure out if there is a way to ask mod_ssl to
require client certificates from another module before the response
phase.  (I think the answer is 'no'.)

In more detail, I'm prototyping an access handler that would allow
requests from certain client IP addresses, and require client
certificates from all others.  It seems like mod_ssl API does not have
a hook for requesting a renegotiation; and that this can only be done
on a per directory basis at configure time.  

Can someone who understands mod_ssl comment on how to dynamically
force client authentication?  Would it be feasible to make such an
extension to the mod_ssl API?  

Dan

Mime
View raw message