Hello,
I have set up Apache/1.3.20 (Win32) mod_ssl/2.8.4 OpenSSL/0.9.6a.
The server is running corectly.
<VirtualHost nicolas-omg:443>
SSLEngine On
SSLCertificateFile conf/ssl/my-server.cert
SSLCertificateKeyFile conf/ssl/my-server.key
SSLCACertificateFile conf/ssl/ca.cer
#SSLCACertificateFile conf/ssl/verisignCA.cer
SSLVerifyClient require
</VirtualHost>
Here is the description of the problem that I have:
I want to have the possibility to authenticate users either using certificates (using client-server authentication with SSL) or using simple login/passwrd. First, the Web server would always try to authenticate using user-server certificates (SSL), if the authentication fails, the Web server would redirect the user to an login/password authentication method (i.e. to a specific URL). The sequence of authentication is as follows :
- try to authenticate using user-server certificates
- if SSL user-server authentication OK proceed and send HTML page (end of authentication procedure)
- else
- if the user has no certificate (i.e. SSL user-server authentication
fails),
- then automatically redirect him to a login/password mod
authentication (i.e. a Web page protected with login/password) . In this
case, an new SSL connection must still be established using only server
certificate. Proceed with normal login/password authentication. In the
error.log file, there is : OpenSSL: error:140890B2:SSL
routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned So in this
case, I want to redirect automatically towards a page requiring
login/paswrd. Any ideas on how can I do to implement this authentication
method?
Thanks a lot in advance !
In the error.log file, there is : OpenSSL: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returnedSo in this case, I want to redirect automatically towards a page requiring login/paswrd. How can I do to implement these both possibilities. Thanks
- then automatically redirect him to a login/password mod
authentication (i.e. a Web page protected with login/password) . In this
case, an new SSL connection must still be established using only server
certificate. Proceed with normal login/password authentication. In the
error.log file, there is : OpenSSL: error:140890B2:SSL
routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned So in this
case, I want to redirect automatically towards a page requiring
login/paswrd. Any ideas on how can I do to implement this authentication
method?
______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
