I'm not a guru but I would suspect that your NameVirtualHost
directives need to differ. You probably need to configure the
virtual hosts using their domain names, like this:
------------------------------------------------------------

NameVirtualHost abc1-no-client-auth.com:443

...


NameVirtualHost abc1-ssl-client-auth.com:443

...


------------------------------------------------------------
Otherwise I think one will just overwrite the other.
Also for MSIE compatibility it is recommended that you add
the following to the virtual host configuration:
------------------------------------------------------------

SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0

------------------------------------------------------------
Hope this was helpful.

/Daniel

----- Original Message -----
From: "Hoda Nadeem"
To:
Sent: Thursday, June 02, 2005 3:26 PM
Subject: RE: SSL Client Auth with Virtual Hosts


Are there any parameters that I am missing, or am I doing something
incorrect?

On my setup, client authentication is either on or off globally. I can't
seem to isolate it at the virtual host level.

Thanks.

Nadeem

Example again:

NameVirtualHost 111.111.111.111:443


ServerAdmin adsfasfsa@asdfasfds.com
DocumentRoot /var/www
ServerName abc1-no-client-auth.com

SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key



ServerAdmin adsfasfsa@asdfasfds.com
DocumentRoot /var/www
ServerName abc1-ssl-client-auth.com

SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
SSLVerifyClient require
SSLVerifyDepth 2
SSLCACertificateFile /etc/httpd/conf/ssl.crt/server-calist.crt
SSLOptions +StdEnvVars +ExportCertData


__________________________________________________ ____________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org