From 9e1281cd066d43880a5a5c16adcdd13e5a63d1b3 Mon Sep 17 00:00:00 2001
From: Philipp Dunkel <Philipp Dunkel@d4452222-2f33-11de-9270-010000000000>
Date: Thu, 21 May 2009 14:52:26 +0000
Subject: [PATCH] If you don't require authentication breaks for a lot of
 browsers since renegotioation is broken

git-svn-id: http://svn.cacert.cl/Software/Voting/vote@37 d4452222-2f33-11de-9270-010000000000
---
 .htaccess | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/.htaccess b/.htaccess
index a189cbe..a7dc92f 100644
--- a/.htaccess
+++ b/.htaccess
@@ -22,12 +22,12 @@ php_value 	safe_mode_exec_dir	/var/empty
 	<IfModule mod_ssl.c>
 	SSLOptions +StdEnvVars +ExportCertData
 	SSLUserName SSL_CLIENT_S_DN_Email
-	SSLVerifyClient optional
-		<IfModule mod_rewrite.c>
-		RewriteEngine        on
-		RewriteCond     %{SSL:SSL_CLIENT_VERIFY} !=SUCCESS
-		RewriteRule     .? - [F]
-		ErrorDocument 403 "You need a client side certificate issued by CAcert to access this url"
-		</IfModule>
+	SSLVerifyClient require
+#		<IfModule mod_rewrite.c>
+#		RewriteEngine        on
+#		RewriteCond     %{SSL:SSL_CLIENT_VERIFY} !=SUCCESS
+#		RewriteRule     .? - [F]
+#		ErrorDocument 403 "You need a client side certificate issued by CAcert to access this url"
+#		</IfModule>
 	</IfModule>
 </FilesMatch>