Hello,
I try the construction of the server which satisfied three following conditions.
1) Directory[dir01] performs access control using SSL mutual authentication.
2) Directory[dir02] using only SSL server authentication.
3) Using SSL session cache.
Therefore I made it the following configuration file.
<Location "/dir01">
SSLRequireSSL
SSLVerifyClient require
</Directory>
<Location "/dir02">
SSLRequireSSL
</Location>
I can't use SSL session cache when I accessed dir01 again, Because Re-negotiation occured.
Next, When I set it as follows.
SSL session cache became effective,
but client certification became necessary for access to dir02.
SSLVerifyClient require
<Location "/dir01">
SSLRequireSSL
SSLVerifyClient require
</Directory>
<Location "/dir02">
SSLRequireSSL
</Location>
How should I have set it to satisfy a condition?
Regards
Nori
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users [at] modssl.org
Automated List Manager majordomo [at] modssl.org
