koke / redmine_ssl_auth

Enable authentication in Redmine using SSL client certificates
GNU General Public License v2.0

= Redmine SSL auth plugin

This Redmine plugin enables authentication using SSL client certificates.

== Usage

It's very simple

== Notes

== Configuration

Nice tutorial: http://www.vanemery.com/Linux/Apache/apache-SSL.html

In my case, I find this to be the configuration I wanted:

    SSLEngine on
    SSLProtocol all
    SSLCipherSuite HIGH:MEDIUM

    SSLCertificateFile /etc/apache2/ssl/server.crt
    SSLCertificateKeyFile /etc/apache2/ssl/server.key
    SSLCACertificateFile /etc/apache2/ssl/ca.crt

    SetEnvIf User-Agent ".*MSIE.*" \
            nokeepalive ssl-unclean-shutdown \
            downgrade-1.0 force-response-1.0

    SSLVerifyClient optional
    SSLVerifyDepth 1
    SSLOptions +StdEnvVars
    SSLOptions +FakeBasicAuth

    <Location /login/ssl>
      SSLVerifyClient require
    </Location>

    <Location />
      AuthName "eBox HQ"
      AuthType Basic
      AuthUserFile /etc/apache2/passwd/team
      #Require valid-user
    </Location>

Setting SSLVerifyClient to optional and commenting out Require valid-user makes it possible to log in without a certificate, using the regular login/password. A link shown in the login form requires SSL authentication; see the Location /login/ssl section in the Apache configuration.

If you want to force your users to use certificates, change SSLVerifyClient to require and uncomment Require valid-user.
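
With SSLVerifyClient optional, a request can reach the application with or without a verified certificate, so the application has to check the verification result before trusting the subject. The following is an added example, not the plugin's own code, of that check over the variables +StdEnvVars exports; the helper names, the Rack-style env hash and matching users by the certificate e-mail are assumptions.

```ruby
# Added example; client_cert_identity and the sample hashes are hypothetical.
# SSL_CLIENT_VERIFY, SSL_CLIENT_S_DN and SSL_CLIENT_S_DN_Email are variables
# mod_ssl exports when "SSLOptions +StdEnvVars" is set.

# Fallback parser for the subject DN, accepting both the "/C=.../CN=..." and
# the comma-separated RFC 2253 renderings (escaped separators not handled).
def email_from_dn(dn)
  m = dn.match(%r{(?:\A|[/,])\s*emailAddress=([^/,]+)}i)
  m && m[1].strip.downcase
end

# Returns { dn:, email: } for a verified client certificate, or nil when the
# request has to go through the regular login/password form.
def client_cert_identity(env)
  # Under "SSLVerifyClient optional" a request may carry no certificate
  # (SSL_CLIENT_VERIFY is "NONE"); only "SUCCESS" means the certificate
  # chained to the CA in SSLCACertificateFile.
  return nil unless env['SSL_CLIENT_VERIFY'] == 'SUCCESS'

  dn = env['SSL_CLIENT_S_DN'].to_s.strip
  return nil if dn.empty?

  email = env['SSL_CLIENT_S_DN_Email'].to_s.strip.downcase
  email = email_from_dn(dn).to_s if email.empty?
  return nil if email.empty?

  { dn: dn, email: email }
end

# Constructed sample environments (not captured from a real server).
WITH_CERT = {
  'SSL_CLIENT_VERIFY' => 'SUCCESS',
  'SSL_CLIENT_S_DN' => '/C=ES/O=Example/CN=Alice/emailAddress=Alice@example.com'
}.freeze
NO_CERT = { 'SSL_CLIENT_VERIFY' => 'NONE' }.freeze
# Request headers reach a Rack app under an HTTP_ prefix, so a value under
# that prefix is never read here as if it were the mod_ssl variable.
HEADER_ONLY = NO_CERT.merge('HTTP_SSL_CLIENT_S_DN' => '/CN=admin').freeze

p client_cert_identity(WITH_CERT)
p client_cert_identity(NO_CERT)
p client_cert_identity(HEADER_ONLY)
```

A nil result is the case where the regular login form applies; under SSLVerifyClient require the handshake itself rejects requests without a valid certificate before the application sees them.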

== Questions

To jbernal@ebox-platform.com

Please don't ask about Apache configuration. I don't know much more than what's already here. Email about the plugin (bugs, patches, suggestions, ...) is welcome :)