| 1 |
On Wed, Feb 15, 2012 at 8:46 AM, Tanstaafl <tanstaafl@×××××××××××.org> wrote: |
| 2 |
> Hi everyone, |
| 3 |
> |
| 4 |
> I know that you can restrict access to a certain site using either Basic |
| 5 |
> HTTP Auth or Digest Auth, but I was wondering - can you do the same with an |
| 6 |
> SSL Client Certificate? |
| 7 |
|
| 8 |
Yes, you can. The specifics of how depend on what web server you're using. |
| 9 |
|
| 10 |
For Apache, there are some examples of different scenarios here: |
| 11 |
https://httpd.apache.org/docs/2.0/ssl/ssl_howto.html#allclients |
| 12 |
|
| 13 |
> I'd also like to provide for IP based exceptions if possible |
| 14 |
|
| 15 |
Trivial in Apache using mod_authz_host which is made for that kind of |
| 16 |
thing. :) You can combine the two access methods (allow all if it's |
| 17 |
coming from your company's internal IP, otherwise require |
| 18 |
certificate). |
Archives