SSL and client authentication

Alessandro Sivieri alessandro.sivieri@REDACTED
Sun Nov 14 02:22:08 CET 2010

Hi all,

I'm using the SSL verify_peer option in a Web server with
fail_if_no_peer_cert set to true; I was wondering if there is a way to force
a client to send a valid certificate for some Web server paths and ignore it
for others: for example, if a client tries to make a request to, say,
https://host/url1, then I want it to send also a valid certificate, but if
it makes a request to https://host/url2, then it may not send any
certificate and the request will be accepted anyway. Basically I want mutual
auth only for a couple of URLs...
A friend who works with Apache said to me that it should be possible, but I
don't know if this works in Erlang (and how to make it work with the SSL
module options).


Sivieri Alessandro

More information about the erlang-questions mailing list