On 10/23/07, Peng, Thierry <[EMAIL PROTECTED]> wrote:
>
>
>
>
> Hi
>
>
>
> I have a question about the mod_ssl. I've enabled the SSLVerifyClient in the
> apache2.conf with the parameter require. This works perfectly, although,
> when a user does not have a certificate, it sends only a not very meaningful
> failure code back: in example -12195.
>
> Now, I'd like to replace this code with something, that the users sends to
> another page if he doesnt provide a certificate. Is this possible, and if
> yes, how?
>

I'm not an expert in this, but I think the trick is to allow the
client to negotiate the connection whether or not it has the cert
(using SSLVerifyClient optional) and then verify that the cert is
there using SSLRequire or mod_rewrite. The trick is that you need an
SSL connection setup in order to allow a decent error to be
transmitted over the connection.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to