|
Surprising that no one else had to deal with this issue before. Correct me if I am wrong, is the substring for SSLRequire the only way to achieve the desired
outcome? Thanks, Bharath Kolla From: Bharath.C.Kolla@xxxxxxxxxxxxxx.INVALID [mailto:Bharath.C.Kolla@xxxxxxxxxxxxxx.INVALID]
We have a client cert that contains multiple OU’s (3 to be specific), but we just need to construct a substring for SSLRequire to evaluate 2 specific OU’s from the OU list.
I tried using: SSLRequire ( %{SSL_CLIENT_S_DN_O} eq “abc” \
and %{SSL_CLIENT_S_DN_OU} in {“test1”,”dev”,”apacheorg”}) However, this substring checks for all 3 OU’s and sends a 403 if one of them is not present in the client cert. What I need is for it to just check for 2 OU’s (specifically,
test1 & dev) and leave the 3rd one from evaluating.
What is the best possible way to achieve this? Thanks, Bharath Kolla |
|