Re: SSL Client Auth with Virtual Hosts

Hoda Nadeem schrieb:
> A team member was able to find a working solution (issue: single IP, two
> domains, one domain requires client auth, the other domain plain SSL,
> both functional with same apache instance using virtual hosts):

Hi Hoda,

test the following:

Close all browsers to get a new clean session (start new IE). Use a
browser with definitely no included user cert (sometimes free
email-certs are also enabled for client authentification, backup and
remove). Visit your second defined <domain 2>. Asking for an user cert?

According to your setup all request can go to only one of the
configured vhost, do some more test with clean browsers (=> close your
browsers after each test to ensure the session is really closed). To
ensure you are on the right vhost it would make sense to use different
docroots with different content showing right away where you are hitting.

Eckard
__________________________________________________ ____________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org