I have an SVN server running under Apache via HTTPS
Heres my server-side config, "/etc/httpd/conf.d/subversion.conf":
<Location />
SSLRequireSSL
SSLCACertificatePath /etc/pki/CA
SSLCACertificateFile /etc/pki/CA/cacert.pem
SSLVerifyClient optional
SSLUserName SSL_CLIENT_S_DN_CN
SetOutputFilter DEFLATE
Satisfy Any
AuthBasicProvider file ldap
AuthzLDAPAuthoritative off
AuthType Basic
AuthName "SVN users enter password"
AuthLDAPURL ldap://ldap.exmaple.com:389/ou=employees,ou=people,o=example.com
AuthGroupFile /var/www/auth/group
AuthUserFile /var/www/auth/passwd
Require valid-user
</Location>
This configuration accepts a PKCS12 certificate certificate during verification through HTTPS.
And accepts LDAP authentication when checking through HTTP.
Now my problem is how to get Apache to accept LDAP authentication if the client certificate (PKCS12) is not provided when checking through HTTPS?
source
share