I need to require client certificates for all but 2 locations. I've tried the following in my httpd.conf: <Location /> SSLVerifyClient require SSLVerifyDepth 10 </Location> <Location /ca/> SSLVerifyClient none SSLVerifyDepth 10 </Location> <Location /images/> SSLVerifyClient none SSLVerifyDepth 10 </Location> This works, but Netscape prompts me for my certificate on just about every request. If I could have the whole site require certificates, I would just do SSLVerifyClient require SSLVerifyDepth 10 and this would only prompt me once for my certificate (at least until the SSL session timed out). Is there a way to configure modssl so that I don't get prompted all the time? Should I just give up and move these 2 locations to a server that doesn't require client certs? Thanks Mike ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]