client authentication/authorization via ssl certs

configure apache to match attributes in client certificates

from: http:_httpd.apache.org/docs/2.2/ssl/ssl_howto.html

httpd.conf

SSLVerifyClient none

SSLCACertificateFile conf/ssl.crt/ca.crt
SSLCACertificatePath conf/ssl.crt

<Directory /var/www/htdocs/secure>
        SSLVerifyClient require
        SSLVerifyDepth 5
        SSLOptions +FakeBasicAuth
        SSLRequireSSL
        SSLRequire    %{SSL_CLIENT_S_DN_O} eq "Company Inc."
                      and  %{SSL_CLIENT_S_DN_OU}in{ "CO", "QA", "Operations" }
</Directory>