Server version: Apache/2.0.54 Hi all.In our virtual hosts we have got a squirrelmail conf through https (without client side certificate). It works.
NameVirtualHost *:443
<VirtualHost *:443>
ServerAdmin ezio@xxxxxxxxxxxxxxxxxx
ServerName webmail.comune.grosseto.it
SSLEngine on
DocumentRoot /usr/share/squirrelmail
<Directory /usr/share/squirrelmail>
php_flag register_globals off
Options Indexes FollowSymLinks
<IfModule mod_dir.c>
DirectoryIndex index.php
</IfModule>
<Files configtest.php>
order deny,allow
deny from all
allow from 127.0.0.1
</Files>
</Directory>
</VirtualHost>
I'd like to add another Virtual Host in order to manage client side
certificates.
<VirtualHost *:443>
ServerAdmin ezio@xxxxxxxxxxxxxxxxxx
ServerName ciecns.comune.grosseto.it
LogLevel debug
SSLEngine on
SSLVerifyClient require
SSLVerifyDepth 3
SSLCACertificateFile /etc/apache2/ssl/caCerts.pem
DocumentRoot /var/www/
</VirtualHost>
Now, if I put this section before the squirrelmail, it asks me for the
certificate even though I point to the squirrelmail, while if the latter is
the second section, I can access everything without any certificate. It
sounds like if does not discriminate between client cert and no client
certificate, it only understand the method invoked in the first virtual host.
Do you have any ideas ? Ciao and thank you. Merry Chistmas. Yours Ezio. Ezio Paglia Sistemi e Database Servizi Informatici (SED) Comune di Grosseto Ufficio : +39-0564-488706 Fax : +39-0564-21139 Cellulare : +39-320-7984950 --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|