This is a little **how to authenticate users with X509 certificates and apache 2 webserver**

Well, it's very simple. First, take a look in [[http://httpd.apache.org/docs/2.0/mod/mod_ssl.html#sslrequire|Apache 2]].

Here one of possible config. This one use a flat file (a htpasswd one) with Users's DN as username. The password
**MUST BE** password, encoded in des or md5 (depend of your apache config)

<code apache>
        <Location /brack>
                SSLVerifyClient         require
                SSLVerifyDepth          5
                SSLCACertificateFile    /etc/apache2/ssl/cacert.pem
                SSLOptions              +FakeBasicAuth
                SSLRequireSSL
                AuthName                "Rack access"
                AuthType                Basic
                AuthUserFile            /etc/apache2/access/brack.conf
                require                 valid-user
        </Location>
</code>

//brack.conf//
<code>
/CN=Bruno Bonfils/O=Fimasys/C=FR:xxj31ZMTZzkVA\
</code>

[[geeklog:comments:20051026|Comments]]