Hi Mark,
Tried the Location approach. Works like a charm.
Thanks,
Debashis
Date: Wed, 20 Apr 2011 13:19:18 -0400
From: m...@catseye.org
To: users@httpd.apache.org
CC: r_debas...@hotmail.com
Subject: Re: [users@httpd] Configuring MOD_SSL with and without client auth on
the same box
On April 20, 2011 6:06 , Debashis Roy r_debas...@hotmail.com wrote:
I would like to configure two different context roots with MOD_SSL in Apache
Httpd, such that one is authenticated using client certificate and the other
one does not require SSL client authentication.
Each of these two context roots are eventually delegated MOD_PROXY_AJP two
different backend tomcat applications.
How can this be achieved. Any help/pointer highly appreciated.
The SSLVerifyClient directive controls whether a client certificate is
required, optional, or never used. If you had two different Location stanzas
in the same virtual host (one for each of the two backend Tomcat applications),
include the SSLVerifyClient directive in the one that you wanted to
authenticate using client certificates, and omit it from the other.
Alternatively, you could set up two separate virtual hosts, one for each
backend Tomcat application, and specify the SSLVerfiyClient directive in one of
the two virtual hosts, omitting it from the other.
--
Mark Montague
m...@catseye.org