I have 2 applications that resides on the same Web
Site and shares the same URL prefix (i.e.
www.whatever.com), but lives within different virtual
directories. Each of those applications has different
security requirements: One REQUIRES a client-side
certificate and the other one doesn't.
Below are example URLs of what the client would enter:
DOESN'T require a Client-Side certificate:
https://www.whatever.com/NoClientCertRequred/
DOES require a Client-Side certificate:
https://www.whatever.com/ClientCertRequred/
In a Squid reverse proxy configurations, in order to
use client certificates, the respective CA signer of
the client-side certificates must be installed on the
Squid server (not the web server) level so the
end-user get challenged to present a client-side
certificate by Squid instead of by the web server.
Correct?
The question I have is this:
Can Squid be configured to define client-side
certificate requirements at the DIRECTORY level (like
the aforementioned "/ClientCertRequred/") or does the
requirements have to be set based on the web site as a
whole (i.e. "www.whatever.com")? If this is possible,
any example squid.conf configurations of this set-up
would be great.
Any insight you can offer would be greatly
appreciated! Thanks.
Received on Mon Sep 10 2007 - 11:13:22 MDT
This archive was generated by hypermail pre-2.1.9 : Mon Oct 01 2007 - 12:00:02 MDT