Does mod_ssl have to have "SSLCACertificatePath and or File" to authenticate a verisign test client certificate?
How To page reads.... "SSLVerifyClient none <Directory /usr/local/apache/htdocs/secure/area> SSLVerifyClient require SSLVerifyDepth 5 SSLCACertificateFile conf/ssl.crt/ca.crt SSLCACertificatePath conf/ssl.crt SSLOptions +FakeBasicAuth SSLRequireSSL SSLRequire %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." and \ %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} </Directory> " for client certificate authentication as method 2, However, if I leave the SSLCACertificateFile or Path line in on startup it complains that the directive does not belong there....Did I miss something in the main configuration that is causing this? So the only way I can get the server to start up is by taking those 2 lines out and then I get "unable to get local issuer certificate" when I try to connect with the test client cert from verisign. Should I have version's CA cert loaded into apache conf? Thanks in advance, Chris ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]