You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Praveen Venkataramaiah <pv...@pgp.com> on 2010/10/29 02:16:49 UTC

[users@httpd] Question about passing client certificates through

All,
 I am a newbie to Apache and have been struggling to find a solution for my requirement. My requirement is that I need to configure Apache so that it can


1)      Request for a SSL client certificate from a client machine.

2)      Pass the client certificate to the server back-end for authentication via LDAP.

I could do #1 by adding a 'SSLVerifyClient optional' in my ssl.conf file.
I could do #2 by configuring httpd.conf via mod_rewrite to save the SSL_CLIENT_CERT in the http RequestHeader.

However, I see that apache itself is trying to authenticate the client certificate and not letting the backend handle the authentication. Is there any way for Apache to request for the client certificate from the client machine, but not do the authentication?

I appreciate your help.

Regards,
Praveen