On Tue, Nov 11, 2003 at 04:29:22PM -0500, [EMAIL PROTECTED] wrote: > Thanks for the reply. I should be able to just add these lines to my > .htaccess: > > SSLVerifyClient optional > SSLOptions +StdEnvVars > require would be better than optional (at least for testing).
> and have the client variables in my environment (assuming the client > has a certificate installed), correct? Sorry I didn't RTFM earlier, > but I assumed it would be something complicated, and something only my > host could configure anyway. > > Anyway, I tried that and I still don't get the client variables. Am I > missing something? Is it possible the main configuration is overriding > mine? I must say that I've never really felt like playing around with my ssl setup in .htaccess files... one thing to check is wether the AllowOverride settings allow those directives in .htaccess - see Override for SSLVerifyClient and SSLOptions. Especially the Options override required by SSLOptions is something that won't be allowed. vh Mads Toftum -- Speaking at ApacheCon 2003 - http://ApacheCon.com/ T03, "Apache 2 mod_ssl tutorial" (3h) WE03, "Troubleshooting Apache configurations" WE11, "Apache mod_rewrite, the Swiss Army Knife of URL manipulation" ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
