Legitimate access with certificate auth or basic auth

Sven Schwyn svoop at delirium.ch
Tue Apr 17 11:24:07 UTC 2012


Is there a way to legitimate access to a location (in my case an entire vhost) with certificate auth and - if no certificate is sent - a fallback to basic auth?

On Apache (from where I'm currently migrating) this is done with "FakeBasicAuth" as follows:

SSLVerifyClient require
SSLVerifyDepth 3
SSLCADNRequestFile /path/to/certs.pem
SSLOptions +FakeBasicAuth

<Location />
  Allow from all
  AuthName 'MySite'
  AuthType Basic
  AuthUserFile /path/to/htpasswd
  Require valid-user

Thanks for your hints!

More information about the nginx mailing list