handling of client certificates

To: apache-ssl@lists.aldigital.co.uk
Subject: handling of client certificates
From: "Markus Grill" <mg@schwarz.de>
Date: Mon, 17 Aug 1998 15:44:17 +0100
Delivered-To: mailing list apache-ssl@lists.aldigital.co.uk
Mailing-List: contact apache-ssl-help@lists.aldigital.co.uk; run by ezmlm
Organization: http://www.apache-ssl.org
Reply-To: apache-ssl@lists.aldigital.co.uk

hi,

after a few tries i got it to create client certificates. 
Further i set the SSLVerifyClient to 2 in the httpd.conf.
so the webserver only allows access to the web with a valid
certificate.....

to this situation i have two questions:
a) is it possible to grant only specific directories the access with
a valid certificate and the rest of the webspace is granted to all
or do i need for that purpose several (virtual) webserver?

b) setting SSLVerifyClient to 2 i know that only users with a client
certificate can access my webspace but is it possible to check 
which users (identified by his certificate) do which action. and
is it possible that a users can post a form 'signing' this form with
his private key so i know for sure that this form was realy submitted
by him??

thank you
Markus

Follow-Ups:
- Re: [apache-ssl] handling of client certificates
  - From: Adam Laurie <adam@algroup.co.uk>

Prev by Date: Re: MSIE-client auth
Next by Date: [apache-ssl] handling of client certificates
Prev by thread: Re: MSIE-client auth
Next by thread: Re: [apache-ssl] handling of client certificates
Index(es):
- Date
- Thread