I am puzzled. The following works for me (Apache 2.0.54/Solaris 8): <VirtualHost labelle16:8443> LogLevel warn ProxyRequests Off ServerName labelle16 SSLEngine On SSLCertificateFile /u01/etc/x509/ssl.crt/labelle16.crt SSLCertificateKeyFile /u01/etc/x509/ssl.key/labelle16.key <Location /> SSLRequireSSL SSLVerifyClient Require </Location> <Location /abc/> SSLRequireSSL SSLVerifyClient none </Location> </VirtualHost> However, contrary to what I thought, if I reverse the order of the Location sections a client certificate is required in both cases. -ascs -----Original Message----- From: Azwan Adli Abdullah [mailto:azwan@xxxxxxxxxxxx] Sent: Monday, January 09, 2006 6:11 PM To: Axel-Stéphane SMORGRAV Cc: users@xxxxxxxxxxxxxxxx; azwan@xxxxxxxxxxxx Subject: RE: [users@httpd] Override SSLVerifyClient Hi, Tried that but also doesn't work. Any other clue? Rgds, Azwan > Reverse the order of the two Location sections. > > -ascs > > -----Original Message----- > From: Azwan Adli Abdullah [mailto:azwan@xxxxxxxxxxxx] > Sent: Monday, January 09, 2006 9:14 AM > To: users@xxxxxxxxxxxxxxxx > Subject: [users@httpd] Override SSLVerifyClient > > Hi All, > I have 1 question regarding howto override SSLVerifyClient directive > in Location directive. Let say I have 10 different URLs and 1 of them > NO need to verify the client cert and the other 9 need to verify the > client cert. Example that I've tried is as below but seems doesn't work. > > <Location /> > SSLRequireSSL > SSLVerifyClient Require > Allow from all > </Location> > > <Location /abc> > SSLRequireSSL > SSLVerifyClient None > Allow from all > </Location> > > For the location /abc, it still prompt for client cert. I've searched > through the net but can't find the answer. > > Thanks. > Azwan. > > -- > Azwan Adli Abdullah > Slackweb.net > > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > > -- Azwan Adli Abdullah Slackweb.net --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx