The RI is a single page amongst all the other pages in the www/ directory. For this file, we want to enable certificate authentication, but we do not want the other pages to prompt the user for a certificate.

This can be solved by using a Location directive like so:

<Location /ri.php>
        SSLVerifyClient optional_no_ca
        Order deny,allow
        allow from all
        AllowOverride None
</Location>

We want the optional_no_ca as Confusa will do the certifiacate matching without testing the chain. Remember, the Subscriber-admin uploads a certificate to act as a admin proxy i.e. the robot will act on behalf of the admin.