These two techniques can be used separately or together.
When both password and client cert are used it could be called two factor authentication.
Any of the above combinations are supported by httpd.
Thanks, John. But can I allow EITHER method to be used to access the SAME directory? Do I have to provide a different path to the same landing point? I definitely do NOT want two-factor authentication.
Answering my own question, I think the easy way out is to duplicate the TLS cert "directory" into, say, "directory2" and provide password access to it. That way the user with a cert selects one menu item ('Cert acccess') and the user with only a password selects 'Password access'.
But if anyone can show the Apache code for doing that without the duplication of the cert-protected directory that would be great.
Thanks again, John.
-Tom
