Been trying to get this to work for weeks now. I'm hardening our intranet (Apache on Windows) prior to allowing authenticated access from outside. Trouble is, all subjcts have their own subdomains (, etc) and browsers prompt for authentication credentials for each subdomain. Does anyone know of a way to switch this off i.e. trust the domain and all its subdomains?