According to Raymond J. Henry:
Anyone with Apache/SSL experience care to lend a helping hand?
I've got Apache compiled with mod_ssl, and it seems to be working fine. In fact, I know that part is working fine. Where my trouble lies is with forcing it to look look for the userID/password to access the directory.
Which, by the way, has nothing to do with the SSL support.
It allows any conenction to view the page, without prompting for userID/PW. httpd.conf points traffic for hermes.manitobamall.net to /www/htdocs/manitobamall/.
Looked around for everything I could find on the 'Net, and tried all variations of examples, still the same. ____________________
/www/htdocs/test/.htaccess:
AuthUserFile /www/pw/.file-password AuthGroupFile /dev/null
I think you can just leave out the AuthGroupFile directive if you're not actually specifying a group file.
AuthName "TestPage"
Set the AuthName directive to a name or string that will make sense in the userid/password prompt in the pop-up dialog box.
AuthType Basic
<Limit GET POST PUT> require user test </Limit>
We usually just specify the following...
require valid-user
... without using the Limit tags. This will allow any valid userid that's found in the specified password file.
/www/pw/.filepassword:
test: 38sqpB6MNb7BA
If that's white space after the colon, you'll need to remove that. In fact, this may be your only real problem.
Hope this helps.