Whiteboard Accessories User Manual

150 Sun Crypto Accelerator 4000 Board Installation and User’s Guide May 2003
Options are listed and described in TABLE B-7.
15. SSLRequireSSL
Context: Directory, .htaccess
This directive forbids access in a given directory unless HTTPS is used. Use the
directive to guard against misconfigurations that might otherwise leave a
directory's contents available to unauthenticated and unencrypted accesses.
TABLE B-7 Available SSL Options
Options Description
StdEnvVars Standard set of SSL-related CGI/SSI environment variables are
created—there is a performance penalty for this.
ExportCertData Causes the SSL_SERVER_CERT, SSL_CLIENT_CERT and
SSL_CLIENT_CERT_CHAINn (n = 0, 1, ...) environment variables to
be exported. These variables contain PEM-encoded certificates for
the client and server.
FakeBasicAuth Distinguished Name (DN) of the client certificate is translated into
an HTTP Basic Authentication Username, and is “faked” to have
authentication. This allows the use of standard Apache access
control mechanisms with SSL client authentication without
prompting the user for a password.
Entries for these users in the Apache password files must use the
encrypted password xxj31ZMTZzkVA, which is just an encrypted
form (crypt(3c)) of the word “password.”
StrictRequire Forces a forbidden access due to SSLRequireSSL to be denied,
even in the presence of other directives, such as Satisfy Any,
which might override this.