|
All, I am a newbie to Apache and have been struggling to
find a solution for my requirement. My requirement is that I need to configure
Apache so that it can 1)
Request for a SSL client certificate from a client
machine. 2)
Pass the client certificate to the server back-end for
authentication via LDAP. I could do #1 by adding a ‘SSLVerifyClient optional’
in my ssl.conf file. I could do #2 by configuring httpd.conf via mod_rewrite to
save the SSL_CLIENT_CERT in the http RequestHeader. However, I see that apache itself is trying to authenticate
the client certificate and not letting the backend handle the authentication.
Is there any way for Apache to request for the client certificate from the
client machine, but not do the authentication? I appreciate your help. Regards, Praveen |
|