On 07/05/11 18:46, Magnus Hagander wrote:
> clientcert=1 makes the server request a client certificate - but does
> not use it for authentication. So the client just has to present *any
> valid* client certificate, and can then use whatever other
> authenticaiton method is specified (md5, ldap, etc).
Ah, I see now. When you wrote "clientcert=1" above, that made me realise
that I was making a mistake. I was using "clientcert" in the
authentication method column, and you can't use it there because it's an
"option" to "any other auth method" and not a auth method on its own.
I did read the doc and this was not clear to me at first, so perhaps it
could be made clearer?
Thanks for your help,
Khusro
