I have created a .htaccess file so that certain users can access a specific area of a intranet site. It currently obtains the users 'SSL_CLIENT_S_DN_CN' from there browser client certificate and they gain access if there name is on then list. See below: SSLRequire %{SSL_CLIENT_S_DN_CN} in {"bobsmith", "tomsmith", "paulsmith"} Now as this list will eventually be a maximum of 20 users, I have decided against using a database approach. What I would like is to instead of having the users contained within the .htaccess file, to have the .htaccess file to read a text file that contains a list of authorised users. So something like: SSLRequire %{SSL_CLIENT_S_DN_CN} in {Read text file of authorised users} Is this possible? Also I would like to obtain the first 5 chars of the SSL_CLIENT_S_DN_CN and compare this against the named user list. So in using the above example: SSLRequire %{First 5 chars of the SSL_CLIENT_S_DN_CN} in {"bobsm", "tomsm", "pauls"} Again is this possible? Thanks in advance