Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: Client certificate exception by IP |
|
| Author |
|
rickwschneider
Joined: 23 Jan 2019
Posts: 7
|
 Posted: Tue 25 Jun '19 18:20 Post subject: Client certificate exception by IP |
 |
|
Hello,
I have configured Apache to require client certificate authentication by using the following directives within the global httpd.conf file:
| Code: |
SSLCACertificateFile /etc/httpd/cert/clientauth/ca.cer
SSLVerifyClient require
|
I need to add an exception for a single IP address so that it does not require client certificate authentication. I've been scouring Google, but haven't found something to address this question.
Any help would be greatly appreciated.
-Rick |
|
| Back to top |
|
glsmith
Moderator
Joined: 16 Oct 2007
Posts: 2268
Location: Sun Diego, USA
|
| Posted: Wed 26 Jun '19 0:13 Post subject: |
|
|
Since SSLVerifyClient has a default of "none", maybe this will work.
| Code: | SSLCACertificateFile /etc/httpd/cert/clientauth/ca.cer
<If "%{REMOTE_ADDR} != '123.456.789.0'">
SSLVerifyClient required
</If> |
|
|
| Back to top |
|
|
|
|
|
|
