On Tue, Dec 01, 1998, Michael Kunze wrote:
> i'm trying to set up 'Basic Authentication' with mod_ssl and ran into trouble.
>
> First, i'm not sure about the user name: is that the client's full DN (which could be
> a lenghty string) or is it just the clients CN?
It's the full DN because it has to identifiy the subject as a whole
(the certificate is issued for the subject and not for the CN).
> Second, no matter which of the above i put into my AuthUserFile, the servers asks me
> for username and password when i connect to the https port. I've put an .htaccess
>file
> into the document root which contains the AuthUserFile directive and tried a 'require
> user My_DN/CN' directive - both do fail. The SSL environment variables are set, e.g.
> SSL_CLIENT_CN (i tried that without client authentication).
>
> When i just type in my CN and the password 'password', i can, of course, log in. But
> this works with every certificate..8-(...
>
> Am i overlooking something obvious?
You have to give me a few more details to test it myself your exact way. What
mod_ssl version do you using, what shows "ssleay x509 -noout -text -in <file>"
where <file> is your client certificate and what exact per-server and
per-directory/.htaccess directives are used?
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
