Hello! I think is good idea to enable common work of two these options:
SSLOptions +FakeBasicAuth and SSLUserName When we enable FakeBasicAuth option, we take username not "user", but "/C=RU/ST=-/L=Moscow/O=example.com/OU=Example/CN=user/[EMAIL PROTECTED]" This is in some cases inconveniently -- if we use, for example, Subversion VCS and make user authentication via certificate we take "strange" commiter's usename. I suggest to make some changes in mod_ssl module to allow set username as a part of Subject of the Client's X509 Certificate. For example, if SSLUserName is set to SSL_CLIENT_S_DN_CN, faked username is "user". Please look on these patches: For Apache 1.3 http://reki.ru/products/mod_ssl/mod_ssl-2.8.25-1.3.34-Username-patch and For Apache 2 http://reki.ru/products/subversion/patch-server-ssl_engine_kernel.c -- With best regards, Andrei. ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager [EMAIL PROTECTED]
