Oracle B12255-01 Manuale Utente
Security Services Implemented Within Oracle HTTP Server
8-32
Oracle HTTP Server Administrator’s Guide
Using mod_ossl Directives to Configure Client Authentication
This section provides instructions on how you can use the directives mentioned
earlier to set up configurations that enable you to use client certificates for
authenticating clients. Following are some scenarios:
earlier to set up configurations that enable you to use client certificates for
authenticating clients. Following are some scenarios:
■
Authenticating clients based on certificates when all clients are known.
The server wallet has imported the CA certificate which signed all the client
certificates.
certificates.
For example, specify the following directives in the httpd.conf file:
SSLVerifyClient require
■
Authenticating for a particular URL based on certificates, while allowing
arbitrary clients to access the rest of the server
arbitrary clients to access the rest of the server
To enable this, use the per-directory reconfiguration feature of mod_ossl.
Session re-negotiation enables an SSL session to be re-negotiated with a client
after the initial request and URL have been read. This is only supported for
requests that do not contain body data, such as GET requests.
Session re-negotiation enables an SSL session to be re-negotiated with a client
after the initial request and URL have been read. This is only supported for
requests that do not contain body data, such as GET requests.
For example, specify the following directives in the httpd.conf file:
<Location /secure/area>
SSLVerifyClient require
</Location>
See Also:
■
on page 2-3 for more information.
■
mod_ssl
documentation.