On 10/23/07, Peng, Thierry <THIERRY.PENG@xxxxxxxxxxxx> wrote: > > > > > Hi > > > > I have a question about the mod_ssl. I've enabled the SSLVerifyClient in the > apache2.conf with the parameter require. This works perfectly, although, > when a user does not have a certificate, it sends only a not very meaningful > failure code back: in example -12195. > > Now, I'd like to replace this code with something, that the users sends to > another page if he doesnt provide a certificate. Is this possible, and if > yes, how? > I'm not an expert in this, but I think the trick is to allow the client to negotiate the connection whether or not it has the cert (using SSLVerifyClient optional) and then verify that the cert is there using SSLRequire or mod_rewrite. The trick is that you need an SSL connection setup in order to allow a decent error to be transmitted over the connection. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|