httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Debashis Roy <r_debas...@hotmail.com>
Subject RE: [users@httpd] Configuring MOD_SSL with and without client auth on the same box
Date Thu, 21 Apr 2011 19:53:04 GMT

Hi Mark,
 
Tried the <Location> approach. Works like a charm.
 
Thanks,
Debashis
 


Date: Wed, 20 Apr 2011 13:19:18 -0400
From: mark@catseye.org
To: users@httpd.apache.org
CC: r_debashis@hotmail.com
Subject: Re: [users@httpd] Configuring MOD_SSL with and without client auth on the same box


On April 20, 2011 6:06 , Debashis Roy <r_debashis@hotmail.com> wrote: 


I would like to configure two different context roots with MOD_SSL in Apache Httpd, such that
one is authenticated using client certificate and the other one does not require SSL client
authentication.
Each of these two context roots are eventually delegated MOD_PROXY_AJP two different backend
tomcat applications.
How can this be achieved. Any help/pointer highly appreciated.

The SSLVerifyClient directive controls whether a client certificate is required, optional,
or never used.  If you had two different <Location> stanzas in the same virtual host
(one for each of the two backend Tomcat applications), include the SSLVerifyClient directive
in the one that you wanted to authenticate using client certificates, and omit it from the
other.

Alternatively, you could set up two separate virtual hosts, one for each backend Tomcat application,
and specify the SSLVerfiyClient directive in one of the two virtual hosts, omitting it from
the other.
--
  Mark Montague
  mark@catseye.org 		 	   		  
Mime
View raw message