On 01.12.09 09:53, Jai wrote: > We are trying to configure apache to accept client certificate when > accessing the page from client side. Here is the configuration, I wonder you bring this issue up two weeks after finding out that SSL re-negotiation is unsecure and should not be used: http://mail-archives.apache.org/mod_mbox/httpd-announce/200911.mbox/%3c20091107013220.31376.qmail@xxxxxxxxxxxxxxxxxxx%3e > <VirtualHost ********:4406> > RewriteEngine on > RewriteOptions inherit > ServerName *************************** > JkMountFile /apps/local/apache-ssl/conf/jkm_servicesit06.properties > JkRequestLogFormat "%w %V %T" > SSLCertificateFile certs/services.crt > Include conf/shared-ssl.conf > <Location /Dummy> > SSLCACertificatePath /apps/local/ssl_certificates/clients > SSLVerifyClient require > </Location> > </VirtualHost> -- Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. The 3 biggets disasters: Hiroshima 45, Tschernobyl 86, Windows 95 --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|