We have a server that prompts for a client certificate when accessed.
How do we configure it to only prompt for a certificate for selected url's? For example, when accessing this a certificate should be provided, but for this it should not.
This does not work for me on our IBM HTTP server!
Any help is greatly appreciated
This is simply not supported in IHS. You either have to use a separate IP:PORT combination for this protected area or prompt use SSLClientAuth OPTIONAL to prompt for the enitre virtual host then limit access to /protected_area by checking with e.g. mod_rewrite to see if a certificate was provided.
<virtualhost *:443>
SSLEnable
SSLClientAuth OPTIONAL
...
RewriteEngine on
RewriteCond %{ENV:SSL_CLIENT_CERTBODYLEN} ^$
RewriteCond %{REQUEST_URI} !^/error/
RewriteRule /protected_area/ /certrequired.html [PT]
</virtualhost>
