Geoff, removing the SSLRequire line is right, it
doesn't really matter though...
ok, done. thanks for the input.
--Geoff
On Fri, Jan 28, 2005 at 02:40:38PM -, [EMAIL PROTECTED] wrote:
+
+# specific to 2.1
+IfModule mod_authn_anon.c
+IfModule mod_auth_basic.c
+Location /ssl-fakebasicauth2
+SSLVerifyClient require
+
So Geoff is saying, you must try and at the next line you must also
succeed. With SSLVerifyClient optional, the semantics would be
instead Don't bother to insist for a certificate, but if user
forgot it, give him flaming death. Considered inappropriate :-)
i'm no expert here - I took the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Geoffrey Young wrote:
|
| so, are you saying that can remove SSLVerifyClient here and all is
| ok?
No no, you're right and Joe was wrong, you must not change a thing.
Sorry for being unclear!
- --
Dominique QUATRAVAUX
On Fri, Jan 28, 2005 at 05:22:28PM +, Joe Orton wrote:
On Fri, Jan 28, 2005 at 06:03:14PM +0100, Dominique Quatravaux wrote:
Geoffrey Young wrote:
|
| so, are you saying that can remove SSLVerifyClient here and all is
| ok?
No no, you're right and Joe was wrong, you must not