Hi all ... My name is Joseph, from the Technical Univerisity of Catalonia (UPC). This is my first messege here ...
I'm developing a web application under Apache 1.3.27, with client authentication under a certain path, /htdocs/client_aut ... that is, if a client requires a resource placed under /htdocs/client_aut, he will need to show his or her digital certificate. I have implemented this idea as follows (httpd.conf): <Location /usr/local/apache/htdocs/client_aut> SSLVerifyClient require SSLVerifiDepth 1 </Location> I have a created these certificates: * a CA self-signet certificate, named certificatCA.crt (placed at /conf/ssl.crt) * a server certificate, signed by CA, named certificatSERV.crt (placed at /conf/ssl.crt) * a client certificate, singned by CA, named clientSERV.crt, installed at the client web browser. And I have configured SSL connection as follows: SSLCertificateFile path/to/certificatSERV.crt SSLCertificateKeyfile path/to/clausSERV.key SSLCACertificateFile path/to/certificatCA.crt But it does not work ... when I try to acces to the web server from my brownser, server autenthication is OK, but when I choose "clientSERV.crt" in order to authenticate me, it does not work. Any tip? Thanks all Josep