Question about authentication and session cache

Question about authentication and session cache

am 02.11.2007 11:01:14 von Nori

Hello,

I try the construction of the server which satisfied three following conditions.

1) Directory[dir01] performs access control using SSL mutual authentication.
2) Directory[dir02] using only SSL server authentication.
3) Using SSL session cache.



Therefore I made it the following configuration file.



SSLRequireSSL
SSLVerifyClient require



SSLRequireSSL



I can't use SSL session cache when I accessed dir01 again, Because Re-negotiation occured.


Next, When I set it as follows.
SSL session cache became effective,
but client certification became necessary for access to dir02.


SSLVerifyClient require

SSLRequireSSL
SSLVerifyClient require



SSLRequireSSL



How should I have set it to satisfy a condition?


Regards

Nori




____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org