I have 2 applications that resides on the same Web Site and shares the same URL prefix (i.e. www.whatever.com), but lives within different virtual directories. Each of those applications has different security requirements: One REQUIRES a client-side certificate and the other one doesn't. Below are example URLs of what the client would enter: DOESN'T require a Client-Side certificate: https://www.whatever.com/NoClientCertRequred/ DOES require a Client-Side certificate: https://www.whatever.com/ClientCertRequred/ In a Squid reverse proxy configurations, in order to use client certificates, the respective CA signer of the client-side certificates must be installed on the Squid server (not the web server) level so the end-user get challenged to present a client-side certificate by Squid instead of by the web server. Correct? The question I have is this: Can Squid be configured to define client-side certificate requirements at the DIRECTORY level (like the aforementioned "/ClientCertRequred/") or does the requirements have to be set based on the web site as a whole (i.e. "www.whatever.com")? If this is possible, any example squid.conf configurations of this set-up would be great. Any insight you can offer would be greatly appreciated! Thanks.
