You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Praveen Venkataramaiah <pv...@pgp.com> on 2010/11/09 00:49:57 UTC

[users@httpd] Skip SSL authentication

All,
 I am trying to configure Apache so that it can pass the SSL_CLIENT_CERT to my back-end code. I can do this fine, but I have an additional requirement that, I do not want Apache to do the SSL authentication, but I want to pass the SSL_CLIENT_CERT to the back-end always and I want the back-end to do the authentication of the client certificate. I am seeing that whenever I configure Apache with 'SSLVerifyClient optional', if I send a unauthorized client certificate, my back-end never gets this information, as mod_ssl terminates the connection at the Apache level itself. Is there some way, by which I can have 'SSLVerifyClient optional', but still not do the authentication at the Apache level?

Thanks
Praveen