Does mod_ssl have to have "SSLCACertificatePath and or File" to authenticate
a verisign test client certificate?
How To page reads....
"SSLVerifyClient none
<Directory /usr/local/apache/htdocs/secure/area>
SSLVerifyClient require
SSLVerifyDepth 5
SSLCACertificateFile conf/ssl.crt/ca.crt
SSLCACertificatePath conf/ssl.crt
SSLOptions +FakeBasicAuth
SSLRequireSSL
SSLRequire %{SSL_CLIENT_S_DN_O} eq "Snake Oil,
Ltd." and \
%{SSL_CLIENT_S_DN_OU} in {"Staff",
"CA", "Dev"}
</Directory> "
for client certificate authentication as method 2, However, if I leave the
SSLCACertificateFile or Path line in on startup it complains that the
directive does not belong there....Did I miss something in the main
configuration that is causing this? So the only way I can get the server to
start up is by taking those 2 lines out and then I get "unable to get local
issuer certificate" when I try to connect with the test client cert from
verisign. Should I have version's CA cert loaded into apache conf?
Thanks in advance,
Chris
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
