httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Serge Dubrouski" <serge...@gmail.com>
Subject Re: [users@httpd] client side certificates authentication in virtual hosts
Date Wed, 08 Nov 2006 17:24:13 GMT
On 11/8/06, Benjamin Cuthbert <benjamin.cuthbert@db.com> wrote:
>
>
> They does not sound like such a good idea, what if i bound the new virtual
> host to a new IP address would i then be able to
> run both in different modes ?


That sounds much better. And you will be able to have different Server
certificates and different Client Verification modes for them.

On 11/8/06, Benjamin Cuthbert <benjamin.cuthbert@db.com> wrote:
> >
> > All
> >
> > Can you run two SSL virtual host URLS on the same IP address and have
> one
> > running with no client certificate authentication and one running
> without
>
> It's possible if having one VirtualHost complaining about wrong Server
> Certificate is applicable for you, which I really doubt.
>
> > client authentication. I have tried it and the options
> >
> >          SSLVerifyClient require
> >         SSLVerifyDepth 1
> >
> > But when this is enabled on one of the virtual hosts it takes out the
> other
> > virtual host and i am unable to connect.
>
> Most probably you configure both for your VH with the same name. In
> this case one of hosts ignored and you always hit the same VH. Or you
> have some kind of other mistake in your config. It would be good to
> take a look on how you configured them.
>
> >
> >  Regards
> >
> >  Ben Cuthbert
> >  Deutsche Bank AG
> >  Corporate & Investment Bank
> >  GTO : TISO / Arch Global Finance / Prime Services
> >  PGP: http://pgp.mit.edu
> >  +44 (0) 20 754 76389 (Tel)
> >  +44 (0) 20 754 74996 (Fax)
> >  ---
> >
> >  This e-mail may contain confidential and/or privileged information. If
> you
> >  are not the intended recipient (or have received this e-mail in error)
> >  please notify the sender immediately and destroy this e-mail. Any
> >  unauthorized copying, disclosure or distribution of the material in
> this
> >  e-mail is strictly forbidden.
> >
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
>
>
> ---
>
> This e-mail may contain confidential and/or privileged information. If you
>
> are not the intended recipient (or have received this e-mail in error)
> please notify the sender immediately and destroy this e-mail. Any
> unauthorized copying, disclosure or distribution of the material in this
> e-mail is strictly forbidden.
>

Mime
View raw message