1,870
edits
Changes
Jump to navigation
Jump to search
Line 14:
Line 14: − +
How to set up a secure webdav area on an Apache 2.0 server that can hold an Adobe Acrobat 8 shared review document (view source)
Revision as of 15:32, 28 August 2007
, 15:32, 28 August 2007no edit summary
SSLVerifyDepth 10
SSLVerifyDepth 10
</pre>
</pre>
By luck and a lot of trial and error, I discovered that commenting out these lines allowed the Acrobat 8 ssl key exchange to work with my Apache server. Unfortunately, this conflicts with another application on my web site, phpMyAdmin, which I protect using a private client certificate. Removing the SSLVerifyClient optional setting from the top-level of my site ssl configuration made the client authentication fail for phpMyAdmin, even when the SSLVerifyClient directives from the top level that had made the configuration work were moved into the phpMyAdmin directory clause. Fortunately, my server hosts multiple IP addresses, so it was easy to set up two virtual hosts and dedicate one to serving webdav for Acrobat shared reviews.
By luck and a lot of trial and error, I discovered that commenting out these lines allowed the Acrobat 8 ssl key exchange to work with my Apache server. Unfortunately, this conflicts with another application on my web site, phpMyAdmin, which I protect using a private client certificate. Removing the SSLVerifyClient optional setting from the top-level of my site ssl configuration made the client authentication fail for phpMyAdmin, even when the SSLVerifyClient directives from the top level were moved into the phpMyAdmin directory clause. Fortunately, my server hosts multiple IP addresses, so it was easy to set up two virtual hosts and dedicate one to serving webdav for Acrobat shared reviews.
Because fellow authors rarely have client certificates that I know I can rely on, it is easier to use http basic authentication anyway, so I never tried to get client certs to work with Acrobat shared reviews. Maybe some day when pki technology becomes widespread in the scientific community, it will make sense to revisit the question.
Because fellow authors rarely have client certificates that I know I can rely on, it is easier to use http basic authentication anyway, so I never tried to get client certs to work with Acrobat shared reviews. Maybe some day when pki technology becomes widespread in the scientific community, it will make sense to revisit the question.