Allowing users in from an IP address without certificate client authentication

Posted by John on Server Fault See other posts from Server Fault or by John
Published on 2012-07-27T14:42:24Z Indexed on 2012/08/31 15:42 UTC
Read the original article Hit count: 224

Filed under:
|
|

I need to allow access to my site without SSL certificates from my office network and with SSL certificates outside.

Here is my configuration:

 <Directory /srv/www>
  AllowOverride All

  Order deny,allow
  Deny from all
  # office network static IP
  Allow from xxx.xxx.xxx.xxx

  SSLVerifyClient require
  SSLOptions +FakeBasicAuth
  AuthName "My secure area"
  AuthType Basic
  AuthUserFile /etc/httpd/ssl/index
  Require valid-user
  Satisfy Any

 </Directory>

When I'm inside network and have certificate - I can access. When I'm inside network and haven't certificate - I can't access, it requires certificate.

When I'm outside network and have certificate - I can't access, it shows me basic login screen When I'm outside network and haven't certificate - I can't access, it shows me basic login screen

and following configuration works perfectly

 <Directory /srv/www>
  AllowOverride All

  Order deny,allow
  Deny from all
  Allow from xxx.xxx.xxx.xxx

  AuthUserFile /srv/www/htpasswd
  AuthName "Restricted Access"
  AuthType Basic
  Require valid-user
  Satisfy Any

 </Directory>

© Server Fault or respective owner

Related posts about apache2

Related posts about ssl