Full_Name: Janus Liebregts Version: 2.3.11 OS: Linux Redhat 5.2 Submission from: (NULL) (192.87.0.19) Hi, I try to upgrade my modssl from: Apache/1.3.6 (Unix) mod_ssl/2.3.11 OpenSSL/0.9.3a to: Apache/1.3.14 (Unix) mod_ssl/2.7.1 OpenSSL/0.9.6 but the nice feature optional_no_ca doesn't work anymore. Some nice scripts (e.g. show every presented certificate: https://sslap.wind.surfnet.nl:8889/cgi-bin/viewcert.pl ) doesn't work on mod_ssl/2.3.11, it requires me to present the SSLCACertificatePath or SSLCACertificateFile for accepting a certificate. I saw that also the modssl-test on https://www.modssl.org/example/test.phtml doesn't show the client certificate anymore. I have included the old working configuration <VirtualHost _default_:8889> DocumentRoot /usr/local/httpsd/htdocs ServerName sslap.wind.surfnet.nl ServerAdmin [EMAIL PROTECTED] ErrorLog /usr/local/httpsd/logs/error_log TransferLog /usr/local/httpsd/logs/access_log SSLEngine on SSLCertificateFile /usr/local/httpsd/conf/ssl.crt/sslap.crt SSLCertificateKeyFile /usr/local/httpsd/conf/ssl.key/sslap.key.unsecure #SSLCACertificatePath /usr/local/httpsd/conf/ssl.crt #SSLCACertificateFile /usr/local/httpsd/conf/ssl.crt/testca-mayjune99.crt SSLVerifyClient optional_no_ca SSLVerifyDepth 10 SSLOptions +ExportCertData SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown CustomLog /usr/local/httpsd/logs/ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost> regards, Janus Liebregts SURFnet ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
