(no commit message)

author David W Xiao <dxiao@mit.edu>

Fri, 16 Sep 2011 21:30:19 +0000 (17:30 -0400)

committer sipb-www <sipb-www@pancake-bunny.mit.edu>

Fri, 16 Sep 2011 21:30:19 +0000 (17:30 -0400)
author David W Xiao <dxiao@mit.edu>
Fri, 16 Sep 2011 21:30:19 +0000 (17:30 -0400)
committer sipb-www <sipb-www@pancake-bunny.mit.edu>
Fri, 16 Sep 2011 21:30:19 +0000 (17:30 -0400)
diff --git a/doc/apache-client-certs.mdwn b/doc/apache-client-certs.mdwn

index d4a064279ef4e8e55802900b0c675cebe6abd59c..9b6428a4e3d51f44413ecfd547d7fce5e75e10b8 100644 (file)
--- a/doc/apache-client-certs.mdwn
+++ b/doc/apache-client-certs.mdwn
@@ -26,7 +26,7 @@ In addition to the standard Apache directives needed to enable SSL, you'll need
          AuthSSLCertStripSuffix "@MIT.EDU"
      </Location>
  
-You also need to require certificate authentication. You can either use `SSLVerifyClient required` or `SSLVerifyClient optional`. `SSLVerifyClient required` has the downside that, if visitors don't have client-side certificates, they'll get an obscure OpenSSL error. However, Safari will not present certificates to a site with `SSLVerifyClient optional` set unless the user sets up an Identity Preference. For reference, scripts.mit.edu sets `SSLVerifyClient optional`.
+You also need to require certificate authentication. You can either use `SSLVerifyClient require` or `SSLVerifyClient optional`. `SSLVerifyClient required` has the downside that, if visitors don't have client-side certificates, they'll get an obscure OpenSSL error. However, Safari will not present certificates to a site with `SSLVerifyClient optional` set unless the user sets up an Identity Preference. For reference, scripts.mit.edu sets `SSLVerifyClient optional`.
  
  You'll also need to enable the Apache modules.
author	David W Xiao <dxiao@mit.edu>
	Fri, 16 Sep 2011 21:30:19 +0000 (17:30 -0400)
committer	sipb-www <sipb-www@pancake-bunny.mit.edu>
	Fri, 16 Sep 2011 21:30:19 +0000 (17:30 -0400)