httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Helmut K. C. Tessarek" <>
Subject bug with SSLVerifyClient?
Date Mon, 21 Nov 2016 17:40:46 GMT

According to the documentation SSLVerifyClient can be used in a
directory context.
But I noticed that it is completely ignored (it always asks for a
user/password, no matter, if I have the client cert installed or not).

Here are the config directives (ignore the external provider):

<Directory "/dir_here">
    Options Indexes FollowSymLinks

    SSLVerifyClient             optional
    SSLVerifyDepth              2

    AuthType Basic
    AuthName "Restricted Section server"
    AuthBasicProvider           ibmdb2

    AuthIBMDB2User              user
    AuthIBMDB2Password          password
    AuthIBMDB2Database          dbname
    AuthIBMDB2UserProc          mod_authnz.getpassword
    AuthIBMDB2GroupProc         mod_authnz.getgroups

       Include /etc/httpd/extra/file_with_require_expr.conf
       Require user             my_user

Please note that it works perfectly, if I create a virtual host and move
the following out of the directory section and put it in the  virtual
host context:

    SSLVerifyClient             optional
    SSLVerifyDepth              2

So either I am mnissing something, or the documention is wrong, or
there's a bug somewhere.

Can someone please shed some light on this?

  K. C.

regards Helmut K. C. Tessarek
lookup for KeyID 0xC11F128D

   Thou shalt not follow the NULL pointer for chaos and madness
   await thee at its end.

View raw message