httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Benjamin Cuthbert <benjamin.cuthb...@db.com>
Subject Re: [users@httpd] client side certificates authentication in virtual hosts
Date Wed, 08 Nov 2006 16:21:31 GMT
They does not sound like such a good idea, what if i bound the new virtual 
host to a new IP address would i then be able to 
run both in different modes ?

Regards

Ben Cuthbert
Deutsche Bank AG
Corporate & Investment Bank
GTO : TISO / Arch Global Finance / Prime Services
PGP: http://pgp.mit.edu
+44 (0) 20 754 76389 (Tel)
+44 (0) 20 754 74996 (Fax)



"Serge Dubrouski" <sergeyfd@gmail.com> 
11/08/2006 03:52 PM
Please respond to
users@httpd.apache.org


To
users@httpd.apache.org
cc

Subject
Re: [users@httpd] client side certificates authentication in virtual hosts






On 11/8/06, Benjamin Cuthbert <benjamin.cuthbert@db.com> wrote:
>
> All
>
> Can you run two SSL virtual host URLS on the same IP address and have 
one
> running with no client certificate authentication and one running 
without

It's possible if having one VirtualHost complaining about wrong Server
Certificate is applicable for you, which I really doubt.

> client authentication. I have tried it and the options
>
>          SSLVerifyClient require
>         SSLVerifyDepth 1
>
> But when this is enabled on one of the virtual hosts it takes out the 
other
> virtual host and i am unable to connect.

Most probably you configure both for your VH with the same name. In
this case one of hosts ignored and you always hit the same VH. Or you
have some kind of other mistake in your config. It would be good to
take a look on how you configured them.

>
>  Regards
>
>  Ben Cuthbert
>  Deutsche Bank AG
>  Corporate & Investment Bank
>  GTO : TISO / Arch Global Finance / Prime Services
>  PGP: http://pgp.mit.edu
>  +44 (0) 20 754 76389 (Tel)
>  +44 (0) 20 754 74996 (Fax)
>  ---
>
>  This e-mail may contain confidential and/or privileged information. If 
you
>  are not the intended recipient (or have received this e-mail in error)
>  please notify the sender immediately and destroy this e-mail. Any
>  unauthorized copying, disclosure or distribution of the material in 
this
>  e-mail is strictly forbidden.
>

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org





---

This e-mail may contain confidential and/or privileged information. If you 
are not the intended recipient (or have received this e-mail in error) 
please notify the sender immediately and destroy this e-mail. Any 
unauthorized copying, disclosure or distribution of the material in this 
e-mail is strictly forbidden.
Mime
View raw message