Re: mod_ssl: behaviour with no client cert

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



How do I unsubsribe to stop recieveing these emails?
-----Original Message-----
>From: Joshua Slive <joshua@xxxxxxxx>
>Sent: Oct 24, 2007 10:34 AM
>To: users@xxxxxxxxxxxxxxxx
>Subject: Re:  mod_ssl: behaviour with no client cert
>
>On 10/23/07, Peng, Thierry <THIERRY.PENG@xxxxxxxxxxxx> wrote:
>>
>>
>>
>>
>> Hi
>>
>>
>>
>> I have a question about the mod_ssl. I've enabled the SSLVerifyClient in the
>> apache2.conf with the parameter require. This works perfectly, although,
>> when a user does not have a certificate, it sends only a not very meaningful
>> failure code back: in example -12195.
>>
>> Now, I'd like to replace this code with something, that the users sends to
>> another page if he doesnt provide a certificate. Is this possible, and if
>> yes, how?
>>
>
>I'm not an expert in this, but I think the trick is to allow the
>client to negotiate the connection whether or not it has the cert
>(using SSLVerifyClient optional) and then verify that the cert is
>there using SSLRequire or mod_rewrite. The trick is that you need an
>SSL connection setup in order to allow a decent error to be
>transmitted over the connection.
>
>Joshua.
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
>For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
>


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux