1 |
On Wed, Feb 15, 2012 at 8:46 AM, Tanstaafl <tanstaafl@×××××××××××.org> wrote: |
2 |
> Hi everyone, |
3 |
> |
4 |
> I know that you can restrict access to a certain site using either Basic |
5 |
> HTTP Auth or Digest Auth, but I was wondering - can you do the same with an |
6 |
> SSL Client Certificate? |
7 |
|
8 |
Yes, you can. The specifics of how depend on what web server you're using. |
9 |
|
10 |
For Apache, there are some examples of different scenarios here: |
11 |
https://httpd.apache.org/docs/2.0/ssl/ssl_howto.html#allclients |
12 |
|
13 |
> I'd also like to provide for IP based exceptions if possible |
14 |
|
15 |
Trivial in Apache using mod_authz_host which is made for that kind of |
16 |
thing. :) You can combine the two access methods (allow all if it's |
17 |
coming from your company's internal IP, otherwise require |
18 |
certificate). |