Subject: The mailing list for listmasters using Sympa
List archive
- From: Anne Durand <address@concealed>
- To: address@concealed
- Subject: Authentification par certificat
- Date: Tue, 06 Feb 2001 12:20:15 +0100
J'ai un virtualhost sur le port 443 qui charge bien son certificat,qui
charge mon certificat utilisateur, mais j'obtiens l'écran normal
d'accueil me proposant l'authentification par cookies.
dans httpd.conf
<VirtualHost corbu.gamsau.archi.fr:443>
# General setup for the virtual host
ServerAdmin address@concealed
DocumentRoot /export/home/sympa
ServerName sympa.archi.fr
User sympa
Group listserv
UserDir disabled
ScriptAlias /wws /export/home/sympa/bin/wwsympa.fcgi
Alias /icones/ /export/home/sympa/icons/
Alias /icons/ /usr/local/apache/icons/
ErrorLog /export/home0/apache/gamsau/logs/sympa443.error_log
TransferLog /export/home0/apache/gamsau/logs/sympa443.access_log
DirectoryIndex wws
<Directory /export/home/sympa/bin>
Options ExecCGI
AllowOverride None
AddHandler cgi-script .fcgi
order allow,deny
deny from all
</Directory>
SSLEngine on
SSLCipherSuite
ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /usr/local/apache/conf/ssl.crt/sympa.crt
SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/sympa.key
SSLCertificateChainFile /usr/local/apache/conf/ssl.crt/ca.crt
SSLCACertificatePath /usr/local/apache/conf/ssl.crt
SSLCACertificateFile /usr/local/apache/conf/ssl.crt/ca.crt
SSLVerifyClient require
SSLVerifyDepth 5
<Files ~ "\.(cgi|fcgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/export/home/sympa/bin">
SSLOptions +StdEnvVars
</Directory>
dans sympa.conf
## path to OpenSSL command (optional, need openssl 0.95a)
openssl /usr/local/ssl/bin/openssl
# trusted CA certificat option (required if openssl is set)
trusted_ca_options -CAfile /export/home/sympa/bin/etc/ca-bundle.crt
dans les logs de ssl
[06/Feb/2001 12:07:05 22166] [info] Connection to child 4 established
(server sympa.archi.fr:443, client 193.50.232.53)
[06/Feb/2001 12:07:05 22166] [info] Seeding PRNG with 1160 bytes of
entropy
[06/Feb/2001 12:07:13 22166] [info] Connection: Client IP:
193.50.232.53, Protocol: SSLv3, Cipher: RC4-MD5 (128/128 bits)
[06/Feb/2001 12:07:14 22166] [info] Initial (No.1) HTTPS request
received for child 4 (server sympa.archi.fr:443)
[06/Feb/2001 12:07:20 22166] [info] Connection to child 4 closed with
standard shutdown (server sympa.archi.fr:443, client 193.50.232.53)
Pas d'autres signes dans les logs.
Merci d'avance pour toute suggestion.
--
Anne DURAND
GAMSAU - MAP
UMR CNRS-MCC n° 694
"Modèles et simulations pour l'Architecture, l'urbanisme et le Paysage"
Ecole d'Architecture de Marseille
184 av de Luminy
13288 Marseille Cedex 09
tel : 04 91 82 71 62/70 - fax : 04 91 82 71 71
mel : address@concealed
http : www.map.archi.fr
Ce message est signé.
Vous pouvez télécharger le certificat de l'autorité de certification
archi.fr à l'adresse http://www.archi.fr/certif/archi.pem
Attachment:
smime.p7s
Description: Signature cryptographique S/MIME
- Authentification par certificat, Anne Durand, 02/06/2001
Archive powered by MHonArc 2.6.19+.