It was thus said that the Great Krist van Besien once stated: > On Wed, Apr 29, 2009 at 4:06 AM, Buddy wu <ejournal4me@xxxxxxxxx> wrote: > > I use apache with ssl and require client cert. how to let the user know he > > shouldrequest a cert? now when a person without a cert access the site, it > > only appreas that "the site can't be displayed ,maybe network problem" > > how to give a hint to user , he should use a cert to access this cert > > Use a custom error page. That won't work. The error Buddy is getting is happening at a lower level as SSL is trying to negotiate a secure channel. On Firefox 2, I get a rather terse pop-up box with what looks like a random number on it. Firefox 3 gives a bit more information, but that's the client. And Apache won't log a request since no request has been sent. Your best bet is to have the protected content a bit lower in the site. For instance, my own secure site: https://secure.conman.org/ is visible to all. The critical stuff, the stuff that's protected by client certificates, appears under: https://secure.conman.org/library/ That's about the best you can do at this point in time. -spc --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|