[Resolved] ssl/certificate auth

[nullx8]

has anyone sucessfully got ssl authenticaton to work on lsws ?

what i want to accomplish is sites to be viewable only if the proper clent certificate is avaiable

 

[mistwang]

It need to be configured through LSWS native configuration, no through Apache httpd.conf .

 

[nullx8]

everything native here
on all servers,

are there any examples avaiable somewhere ?
the apache examples are pretty much useless

 

[mistwang]

You need to create your own CA, signed client certificate & key.

configure CA with
http://www.litespeedtech.com/docs/webserver/config/listeners#CACertPath
or
http://www.litespeedtech.com/docs/webserver/config/listeners#CACertFile

then enable "Client Verification"
http://www.litespeedtech.com/docs/webserver/config/listeners#clientVerify

 

[nullx8]

oh that was alot more easy as i expected ... works like a charm in combination with the Comodo ssl certificate.

no client certificate results now in a solid SSL Error ...
thanks again

 

[nullx8]

while on that topic ..
the http error is 403.16 (i assume) ... is i possible to generate a redirect .. since the error is generated by the listener i not so sure where and how to place it ?

the idea was to have some redirect to a non-ssl page tell the user to get a certificate to connect.

 

[NiteWave]

1. create a http listener (port 80)
2. both http(port 80) and https (port 443) map to same virtual host.
3. in .htaccess

RewriteEngine On
RewriteCond %{HTTPS} off
Rewrite .* /info-page.html [L]

 

[mistwang]

The SSL error is at Layer4, no possible to add a layer7 403 error page for that.
Neither server, nor client can sen or receive anything from each other.