Hi. I wondered whether the following is somehow possible (I guess it's not). I have a SSL vhost,... and I'd like to require SSL client cert authentication _per default_ ... but selectively being able to not demand it for some directories/files/locations. Having something like: <VirtualHost ..> SSLVerifyClient require ... <Directory /vhost/forThePublic> SSLVerifyClient none ... </Directory> </VirtualHost> seems to work not (as I'd like to have it), as the vhost wide setting is used for the initial SSL handshake. So even if a client just asks for something in /vhost/forThePublic he'd first have to present a valid client cert. Any other ways? Thanks, Chris.
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
|