If you don't require authentication breaks for a lot of browsers since renegotioation is broken
git-svn-id: http://svn.cacert.cl/Software/Voting/vote@37 d4452222-2f33-11de-9270-010000000000
This commit is contained in:
Philipp Dunkel
parent
5ed37d3779
commit
9e1281cd06
1 changed files with 7 additions and 7 deletions
14
.htaccess
14
.htaccess
|
|
@ -22,12 +22,12 @@ php_value safe_mode_exec_dir /var/empty
|
||||||
<IfModule mod_ssl.c>
|
<IfModule mod_ssl.c>
|
||||||
SSLOptions +StdEnvVars +ExportCertData
|
SSLOptions +StdEnvVars +ExportCertData
|
||||||
SSLUserName SSL_CLIENT_S_DN_Email
|
SSLUserName SSL_CLIENT_S_DN_Email
|
||||||
SSLVerifyClient optional
|
SSLVerifyClient require
|
||||||
<IfModule mod_rewrite.c>
|
# <IfModule mod_rewrite.c>
|
||||||
RewriteEngine on
|
# RewriteEngine on
|
||||||
RewriteCond %{SSL:SSL_CLIENT_VERIFY} !=SUCCESS
|
# RewriteCond %{SSL:SSL_CLIENT_VERIFY} !=SUCCESS
|
||||||
RewriteRule .? - [F]
|
# RewriteRule .? - [F]
|
||||||
ErrorDocument 403 "You need a client side certificate issued by CAcert to access this url"
|
# ErrorDocument 403 "You need a client side certificate issued by CAcert to access this url"
|
||||||
</IfModule>
|
# </IfModule>
|
||||||
</IfModule>
|
</IfModule>
|
||||||
</FilesMatch>
|
</FilesMatch>
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue