httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tom Browder <tom.brow...@gmail.com>
Subject [users@httpd] Want friendly error message for failed attempt to access a restricted directory
Date Wed, 11 May 2016 12:19:02 GMT
I am running Apache 2.4.18 and have one site (https://usafa-1965.org)
that requires a client certificate to access a restricted directory
("Classmates
Only").  How can I return a friendlier message than, e.g., Chrome
emits when a user without a valid certificate attempts to access the
restricted directory?

The following are the messages received on a mobile device (iPad 3)
with a failed attempt:

Chrome:
======

This site can't be reached...

ERR_SSL_CLIENT_AUTH_CERT_NEEDED

Firefox:
=====

The server "usafa-1965.org" requires a client certificate.

Try again

NSURLErrorDomain

The Firefox message is better, but I would like to control the message.

The httpd.conf file for the directory currently has this:

  <Directory ~ ".*/restricted">
   SSLOptions +StrictRequire
   SSLVerifyClient require
   # do NOT allow dir listings
   Options -Indexes
  </Directory>

I think I can do something like this:

  <Directory ~ ".*/restricted">
   SSLOptions +StrictRequire
   SSLVerifyClient require
   # do NOT allow dir listings
   Options -Indexes
   # error 403 is "Forbidden"
   ErrorDocument 403 "Sorry, you must have a valid client
certificate.\nContact your CS Rep to get one."
 </Directory>

Should that work, or is there a better way (or more appropriate error code)?

Thanks.

Best regards,

-Tom

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message