Pierre Couderc wrote:
I want to give an access to users controlled by client certificates on a per directory basis.It seems that there is a recurrent bug in mod_ssl the traces of which I have found on the WEB and in apache bugzilla, which has for result to give an error with a bad answer to the browser and a "renegotiation failed" in the logs.My question is, is there an uptodate synthetic howto describing how to do that? Else, did someone success doing an access by client certificates, with some directories where the certificate is not required, and using POSTs?
I'm not sure what problem you're seeing, but it sounds suspiciously like an extant POST-with-client-certificate bug that I ran into recently. It seems that anything in Apache2 less recent than Apache 2.2 can't handle POSTs together with client certs under some circumstances (though there is a patch that should fix the problem for earlier versions). I believe that there was no such problem with Apache 1.3.x though I haven't tested it. I've had client certs and POST working without problem with 2.2 so if you can upgrade to that, it's probably the quickest fix. If you look back a few weeks in the archives for this list you'll see a thread where Joe Orton posts a reference for the patch for Apache 2.0.x, should you need to stick with that. -- Regards Stephen Collyer Netspinner Ltd --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|