logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in  RSS Apache Lounge  


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.



Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: Client certificate exception by IP
Author
rickwschneider



Joined: 23 Jan 2019
Posts: 7

PostPosted: Tue 25 Jun '19 18:20    Post subject: Client certificate exception by IP Reply with quote

Hello,

I have configured Apache to require client certificate authentication by using the following directives within the global httpd.conf file:

Code:

SSLCACertificateFile /etc/httpd/cert/clientauth/ca.cer
SSLVerifyClient require


I need to add an exception for a single IP address so that it does not require client certificate authentication. I've been scouring Google, but haven't found something to address this question.

Any help would be greatly appreciated.
-Rick
Back to top
glsmith
Moderator


Joined: 16 Oct 2007
Posts: 2211
Location: Sun Diego, USA

PostPosted: Wed 26 Jun '19 0:13    Post subject: Reply with quote

Since SSLVerifyClient has a default of "none", maybe this will work.
Code:
SSLCACertificateFile /etc/httpd/cert/clientauth/ca.cer
<If "%{REMOTE_ADDR} != '123.456.789.0'">
    SSLVerifyClient required
</If>
Back to top


Reply to topic   Topic: Client certificate exception by IP View previous topic :: View next topic
Post new topic   Forum Index -> Apache