httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Gale <>
Subject [users@httpd] Secure server ?
Date Mon, 09 Feb 2004 04:20:40 GMT

	I am building a apache web server with PHP and mysql. I want this
secure to be as secure as possible.

I have set up ssl on the web server, I have created my own CA, signed my
server cert and am specifying on a directory bases that client access
requires a valid cert signed by the same CA as the web server.

I believe this should be very secure :)

But I have a few questions ?

How can I make it so all directories, including sub-directories requires
client certs ? It seems that only the directory I explicitly set
require it.

<Directory /htdocs/test>
SSLVerifyClient 2

requires the client to have a cert but:

/htdocs/test/subdirectory does not :(

Also is there a way to limit a directory access by client cert ? 


Hand over the Slackware CD's and back AWAY from the computer, your geek
rights have been revoked !!!

Michael Gale
Slackware user :) 

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message