Hi all, I've performed client authentication for a while as followed: Top level virtual host root: /companysecure (SSLRequire a certificate with company valid DN) Subdirectories: /companysecure/sub1 /companysecure/sub2(SSLRequire a certificate with more restrictive requirements on the sertificate (OU, Email, crls etc..))
And now I want to configure an additional acces to /companysecure/externalothersfor people not belonging to our company (and not having a certificate from our company), but I want to check their certificate to give them or refuse access to this directory as I did before outside the /companysecure/ tree.
The probleme is they dont show a valid company certificate (as required by SSLRequire on /companysecure top level directory), and acces is imediately refused as the first SSLRequire does not match at top level.
I would like to override the top level requirement in the subdirectory /companysecure/externalothers and keep the global protection at the top level /companysecure .
I cannot find the way to override the global SSLRequire authentication in a subdirectory.
Is it possible to achieve this goal with apache 2.0.X ? Is there a way to circumvent or trick the problem ?
-- Vincent Régnard TBS-internet.com
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
|