Server version: Apache/2.0.54 Hi all.In our virtual hosts we have got a squirrelmail conf through https (without client side certificate). It works.
NameVirtualHost *:443 <VirtualHost *:443> ServerAdmin ezio@xxxxxxxxxxxxxxxxxx ServerName webmail.comune.grosseto.it SSLEngine on DocumentRoot /usr/share/squirrelmail <Directory /usr/share/squirrelmail> php_flag register_globals off Options Indexes FollowSymLinks <IfModule mod_dir.c> DirectoryIndex index.php </IfModule> <Files configtest.php> order deny,allow deny from all allow from 127.0.0.1 </Files> </Directory> </VirtualHost>I'd like to add another Virtual Host in order to manage client side certificates.
<VirtualHost *:443> ServerAdmin ezio@xxxxxxxxxxxxxxxxxx ServerName ciecns.comune.grosseto.it LogLevel debug SSLEngine on SSLVerifyClient require SSLVerifyDepth 3 SSLCACertificateFile /etc/apache2/ssl/caCerts.pem DocumentRoot /var/www/ </VirtualHost>Now, if I put this section before the squirrelmail, it asks me for the certificate even though I point to the squirrelmail, while if the latter is the second section, I can access everything without any certificate. It sounds like if does not discriminate between client cert and no client certificate, it only understand the method invoked in the first virtual host.
Do you have any ideas ? Ciao and thank you. Merry Chistmas. Yours Ezio. Ezio Paglia Sistemi e Database Servizi Informatici (SED) Comune di Grosseto Ufficio : +39-0564-488706 Fax : +39-0564-21139 Cellulare : +39-320-7984950 --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx