You are not logged in.
I'm trying to config apache + mod_ssl for a project.
The server has to only accept https connections, and validate users based on certificates.
I configured my /etc/httpd/conf/extra/httpd-ssl.conf
like this:
<VirtualHost>
DocumentRoot "/home/httpd/html"
ServerName localhost:443
ServerAdmin you@example.com
ErrorLog /var/log/httpd/error_log
TransferLog /var/log/httpd/access_log
SSLEngine on
SSLCipherSuite HIGH:MEDIUM
SSLCertificateFile /etc/httpd/conf/server.crt
SSLCertificateKeyFile /etc/httpd/conf/server.key
SSLCertificateChainFile /etc/httpd/conf/server-ca.crt
SSLCACertificateFile /etc/httpd/conf/server-ca.crt
SSLVerifyClient require
SSLVerifyDepth 2
<Location>
Options +ExecCGI
SSLRequireSSL
</Location>
<Location>
SSLRequireSSL
SSLVerifyClient require
SSLVerifyDepth 2
</Location>
</VirtualHost>
But with this config everyone can still access both these directories.
Help me....
Offline