Re: [users@httpd] client side certificates authentication in virtual hosts

"Serge Dubrouski" <sergeyfd@xxxxxxxxx> · Wed, 8 Nov 2006 10:24:13 -0700

On 11/8/06, Benjamin Cuthbert <
benjamin.cuthbert@xxxxxx>
wrote:

>

> All

>

> Can you run two SSL virtual host URLS on the same IP address and have
one

> running with no client certificate authentication and one running
without

It's possible if having one VirtualHost complaining about wrong Server

Certificate is applicable for you, which I really doubt.

> client authentication. I have tried it and the options

>

>          SSLVerifyClient require

>         SSLVerifyDepth 1

>

> But when this is enabled on one of the virtual hosts it takes out
the other

> virtual host and i am unable to connect.

Most probably you configure both for your VH with the same name. In

this case one of hosts ignored and you always hit the same VH. Or you

have some kind of other mistake in your config. It would be good to

take a look on how you configured them.

>

>  Regards

>

>  Ben Cuthbert

>  Deutsche Bank AG

>  Corporate & Investment Bank

>  GTO : TISO / Arch Global Finance / Prime Services

>  PGP: http://pgp.mit.edu

>  +44 (0) 20 754 76389 (Tel)

>  +44 (0) 20 754 74996 (Fax)

>  ---

>

>  This e-mail may contain confidential and/or privileged information.
If you

>  are not the intended recipient (or have received this e-mail
in error)

>  please notify the sender immediately and destroy this e-mail.
Any

>  unauthorized copying, disclosure or distribution of the material
in this

>  e-mail is strictly forbidden.

>

---------------------------------------------------------------------

The official User-To-User support forum of the Apache HTTP Server Project.

See <URL:http://httpd.apache.org/userslist.html> for more info.

To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx

   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx

For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx