page_header("Enabling SSL Client Certificates on Apache");
The following is a recipe to configure an Apache Web Server to accept and read a self-signed SSL client certificates.
This is one of the steps to implement the FOAF + SSL protocol as outlined by Henry Story.
The starting assumption of this recipe is that your Apache server has SSL installed and working.
If not the instructions are here: http://www.apache-ssl.org/
section_header("2", "Change the Apache httpd.conf to enable client certificates");
You will need editing rights on your httpd.conf. Here are the changes we made in order to get things working:
Note: SSLCACertificateFile is not set so self signed certificates are not checked against the trusted CAs configured on the server.
section_header("3", "Add the following to the .htaccess to make the SSL variables available to PHP");
section_header("4", "How to test it");
The following code should be able to print out diagnostic information:
An example can be seen here: https://foaf.me/testSSL.php
section_header("5", "How to exclude specific files from the client certificate request directive");
If you wish to exlude specific files on you web server from requesting a Client Certificate add the following to the .htaccess file in the appropriate directory.
section_header("6", "See Also");
section_header("7", "External Links");