“One of the most common kinds of access control for secure web servers is Basic Authentication, in which a login and
password are required. Access controls can apply to part or all of a web site. The restricted area is called the
“authorization realm.” Even though Basic Authentication is the most common kind of access control, it is not the
most secure. The most secure kind of access control is Client Authentication.”
“Client Authentication uses client certificates installed in users’ web browsers or other client applications (clients) to
authenticate users, and only lets clients with the right client certificates into the authorization realm. (In this article, an
authorization realm with client authentication will be called a “Client Authentication Realm.”)”
This article explains how to configure Apache+mod_ssl to keep clients with revoked client certificates out of a Client
Authentication Realm.
ServerWatch is a top resource on servers. Explore the latest news, reviews and guides for server administrators now.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.
