Full_Name: Jason Haar Version: 2.8.4 through 2.8.8 OS: Linux Submission from: (NULL) (203.96.111.202)
I've got SSL certs and FakeBasicAuth 99.9% working well. e.g. With a valid client cert and that DN put into a DB file, I can view https://domain/dir/test.php, and I've written that to show me SSL_CLIENT_CN,etc - all fine If I remove that DN from the DB file, then I get access denied - all fine If I revoke the cert I get "your cert has been revoked" (except under IE that reports "the server cert has been revoked - this site should not be trusted" - GAHHH!! I think that's an IE bug - Mozilla does it right. However, that's an aside. If I have a valid cert and can view https://domain/dir/test.php correctly, then try to go to https://domain/dir/, I get "access denied". If I remove the "require valid-user" line, https://domain/dir/ starts working... No error of any description is reported in error_log of ssl_engine_log, but access_log shows the 403. It looks like there's an ordering problem there somewhere. I've whacked in "Options All","AllowOverride All" to no avail. That dir works fine under http and https as long as there's no require statement. Any ideas? Thanks ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
