Nagios:Authentication with SSL Certificates

From SysadminWiki

This is for Apache 2, and also includes an example of how to apply basic certificate ACLs from within the nagios config.

        SSLEngine on
        SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
        SSLCertificateFile /etc/apache2/ssl/nagios-hostcert.pem
        SSLCertificateKeyFile /etc/apache2/ssl/nagios-hostkey.pem
        SSLCACertificatePath    /etc/grid-security/certificates
        SSLCACertificateFile /etc/apache2/ssl/cacert.crt
        SSLOptions +ExportCertData +CompatEnvVars +StdEnvVars
        SSLVerifyClient require
        SSLVerifyDepth 2
        SSLUserName SSL_CLIENT_S_DN
        <Location /nagios>
                SSLRequire  %{SSL_CLIENT_S_DN} eq "/C=UK/O=eScience/OU=Manchester/L=HEP/CN=colin morey" \
                        or  %{SSL_CLIENT_S_DN} eq "/C=UK/O=eScience/OU=Manchester/L=HEP/CN=Someone Else"
        </Location>