Cliente certificates under a specific URL

Unanswered Question
Jul 17th, 2009

Hi friends, hope somebody can advise me on this request.

We have a https://www.site.com which is LB some web servers behind. All content on our site is served under SSL (this is a must).

We would like to use a specific URL to ask for client certificates under a specific subdirectory (cert), something like this: https://www.site.com/cert/

So, everything else is using normal SSL, but all from /cert is erquired to use client certificates.

(btw, subdomains is not an option for us)

Is this possible using a CSS?

Thanks,

jsmiIII

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Smith3III Thu, 07/23/2009 - 23:26

What I mean is if CSS can restrict SSL access to a specific URL instead of using a subdomain (ie: normal website www.sitea.com, ssl active only www.sitea.com/secure/).

Someboy told me it is possible using some kind of redirects, but honestly, I cannot find any example about that (protect directory)...

thank so much

Gilles Dufour Wed, 07/29/2009 - 03:52

yes this is possible.

You create 2 content rulea to catch the decrypted traffic.

One is the generic rule to catch everything and the other one is specific to catch /secure/*.

For the /secure/* you simply loadbalance to the server and keep the connection encrypted.

For the generic rule, you create a web redirect service to send the client back to http://.... instead of httpS://

You do the same on the port 80 (cleartext) traffic but you redirect /secure/* to https and continue the connection in cleartext for the generic rule.

There are multiple examples of CSS redirect configuration on our website.

Gilles.

Actions

This Discussion