Wed, 28 Jan 2004 05:30:07 -0800 

Hi all,

im trying to configure an apache 2.0 with modssl in roder to restric
access to some dirs using x509 certs.

The thing is that autehntification works, but when i load a new web page
the web server starts teling me that the web page needs authentification
and continuw to do so for almost every image included on the web page.

Should i need to change any session options ???
My config is below.

 
<IfDefine SSL>
 
        Listen 443
        AddType application/x-x509-ca-cert .crt
        AddType application/x-pkcs7-crl    .crl
        SSLPassPhraseDialog  builtin
        SSLSessionCache         dbm:/usr/local/apache/logs/ssl_scache
        SSLSessionCacheTimeout  300
        SSLMutex  file:/usr/local/apache/logs/ssl_mutex
        SSLRandomSeed startup builtin
        SSLRandomSeed connect builtin
 
 
<VirtualHost _default_:443>
 
        DocumentRoot "/var/www/secure"
        ServerName xxx.xxx.xxx
        ServerAdmin [EMAIL PROTECTED]
        ErrorLog /usr/local/apache/logs/error_log
        TransferLog /usr/local/apache/logs/access_log
 
        SSLEngine on
 
        SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
        SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt
        SSLCertificateKeyFile /usr/local/apache/conf/ssl.crt/server.key
        SSLCACertificateFile /usr/local/apache/conf/ssl.crt/server.crt
        SSLCARevocationFile /usr/local/apache/conf/ssl.crt/server.crl
        SSLVerifyClient require
        SSLVerifyDepth  1
 
        <Location />
                SSLRequireSSL
        </Location>
 
        SSLOptions +StrictRequire +OptRenegotiate
        <Files ~ "\.(cgi|shtml|phtml|php3?)$">
            SSLOptions +StdEnvVars
        </Files>
        <Directory "/usr/local/apache/cgi-bin">
            SSLOptions +StdEnvVars
        </Directory>
 
 
        CustomLog /usr/local/apache/logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
 
</VirtualHost>
 
</IfDefine>





Cheers





-- 
 
------------------------------
Javier Sanchez
Administrador de Sistemas
MyAlert.com
a Buongiorno Vitaminic Company
[EMAIL PROTECTED]
Telf: +34 91 141 51 00
FAX. +34 91 667 39 51
-------------------------------

______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to