Hi
Is there a way to legitimate access to a location (in my case an entire
vhost) with certificate auth and - if no certificate is sent - a
fallback to basic auth?
On Apache (from where I’m currently migrating) this is done with
“FakeBasicAuth” as follows:
SSLVerifyClient require
SSLVerifyDepth 3
SSLCADNRequestFile /path/to/certs.pem
SSLOptions +FakeBasicAuth
Thanks for your hints!