| 1 |
On 2012-02-15 10:46 AM, Paul Hartman <paul.hartman+gentoo@×××××.com> wrote: |
| 2 |
> On Wed, Feb 15, 2012 at 8:46 AM, Tanstaafl<tanstaafl@×××××××××××.org> wrote: |
| 3 |
>> Hi everyone, |
| 4 |
>> |
| 5 |
>> I know that you can restrict access to a certain site using either Basic |
| 6 |
>> HTTP Auth or Digest Auth, but I was wondering - can you do the same with an |
| 7 |
>> SSL Client Certificate? |
| 8 |
> |
| 9 |
> Yes, you can. The specifics of how depend on what web server you're using. |
| 10 |
> |
| 11 |
> For Apache, there are some examples of different scenarios here: |
| 12 |
> https://httpd.apache.org/docs/2.0/ssl/ssl_howto.html#allclients |
| 13 |
> |
| 14 |
>> I'd also like to provide for IP based exceptions if possible |
| 15 |
> |
| 16 |
> Trivial in Apache using mod_authz_host which is made for that kind of |
| 17 |
> thing. :) You can combine the two access methods (allow all if it's |
| 18 |
> coming from your company's internal IP, otherwise require |
| 19 |
> certificate). |
| 20 |
|
| 21 |
Perfect, thanks Paul (and yes this is with Apache)... |
| 22 |
|
| 23 |
Glad to know I can do it, hopefully I can get it working without having |
| 24 |
to sign up to yet another email list to ask for help... ;) |
Archives