개인 클라이언트 인증서로 접속 가능한 웹서버 설정
Apache HTTPD 2.4 에서 개인 클라이언트 인증서 적용
다음을 httpd.conf 에 추가
SSLVerifyClient none
SSLCACertificateFile /../kreonet-ca-chain.pem
<Location />
Require all granted
</Location>
<Location /secure>
<If "-R 'AAA.BBB.CCC.DDD/32'">
</If>
<ElseIf "-R 'BBB.CCC.DDD.EEE/32'" >
</ElseIf>
<Else>
SSLVerifyClient require
SSLVerifyDepth 1
</Else>
</Location> |
참고
https://httpd.apache.org/docs/2.4/ssl/ssl_howto.html#accesscontrol
https://httpd.apache.org/docs/2.4/mod/core.html#elseif
https://superuser.com/questions/1055171/apache-and-support-for-per-directory-ca
https://www.cl.cam.ac.uk/~jw35/courses/using_https/html/x640.htm
https://httpd.apache.org/docs/2.4/ssl/ssl_compat.html