httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christoph Anton Mitterer <>
Subject [users@httpd] selectively disclaim on SSL client-auth for some directories
Date Thu, 29 Dec 2011 14:23:20 GMT

I wondered whether the following is somehow possible (I guess it's not).

I have a SSL vhost,... and I'd like to require SSL client cert
authentication _per default_ ... but selectively being able to not
demand it for some directories/files/locations.

Having something like:
<VirtualHost ..>

SSLVerifyClient require

<Directory /vhost/forThePublic>
SSLVerifyClient none


seems to work not (as I'd like to have it), as the vhost wide setting is
used for the initial SSL handshake.

So even if a client just asks for something in /vhost/forThePublic he'd
first have to present a valid client cert.

Any other ways?


View raw message