[英]How do I add custom errors for client certificates in Apache?
How do I configure a custom error document for when a user fails to provide a client certificate or when the one they provide is invalid? 当用户未能提供客户端证书或客户端提供的证书无效时,如何配置自定义错误文档?
The browser displays ERR_BAD_SSL_CLIENT_AUTH_CERT
and ERR_SSL_DECRYPT_ERROR_ALERT
respectively when I encounter those errors. 当我遇到这些错误时,浏览器分别显示ERR_BAD_SSL_CLIENT_AUTH_CERT
和ERR_SSL_DECRYPT_ERROR_ALERT
。 I'd like to provide the user with a custom error. 我想为用户提供一个自定义错误。
This is how I do it in NGINX . 这就是我在NGINX中的方法 。
location = /495.html {}
error_page 495 /495.html;
location = /496.html {}
error_page 496 /496.html;
When I add the following line to the apache config I receive the error "Unsupported HTTP response code 495" . 当我将以下行添加到apache配置中时,我收到错误消息“不支持的HTTP响应代码495” 。
ErrorDocument 495 /495.html
This is running httpd-2.4.6-45.el7.centos.4.x86_64 这正在运行httpd-2.4.6-45.el7.centos.4.x86_64
UPDATE: 更新:
I am able to provide a custom error document for the 496 error by changing SSLVerifyClient from require to optional and using a rewrite rule. 通过将SSLVerifyClient从require更改为optional并使用重写规则,我能够为496错误提供自定义错误文档。
<Directory "/var/www/html">
SSLVerifyClient optional
RewriteEngine On
RewriteCond %{SSL:SSL_CLIENT_VERIFY} !=SUCCESS
RewriteRule . 496.html [L]
</Directory>
The 495 error still eludes me. 495错误仍然使我难以理解。
What version of Apache are you running? 您正在运行什么版本的Apache?
https://unix.stackexchange.com/questions/290845/unsupported-http-response-code-429 https://unix.stackexchange.com/questions/290845/unsupported-http-response-code-429
Apache 2.2 does not support 495. Apache 2.2不支持495。
Apache 2.4 does support this according to https://httpd.apache.org/docs/2.4/custom-error.html Apache 2.4确实根据https://httpd.apache.org/docs/2.4/custom-error.html对此提供支持
Customized error responses can be defined for any HTTP status code designated as an error condition - that is, any 4xx or 5xx status. 可以为指定为错误条件的任何HTTP状态代码(即任何4xx或5xx状态)定义定制的错误响应。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.