Hello,
Adding <Location> around SSLVerifyClient and SSLVerifyDepth is causing my mutual authentication to fail with a ssl_error_handshake_failure_alert message. I can't seem to determine what might be causing this. I'll just jump right to the code below: [WORKS] Excerpting my httpd.conf: <VirtualHost _default_:443> DocumentRoot "<path edited>/htdocs" SSLEngine on SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP:+eNULL SSLCertificateFile "<path edited>/Cert/ssl.crt/server.crt" SSLCertificateKeyFile "<path edited>/Cert/ssl.key/server.key" SSLCACertificateFile "<path edited> Cert/ca.cer" SSLVerifyClient required SSLVerifyDepth 1 <truncated> The above works like a charm. The only problem is it works EVERYWHERE I use 443 ... which is as expected. So when I add my <Location> directive as below I get the Error code: ssl_error_handshake_failure_alert. Though it properly triggers this error on requests to the specified location. So I know that part is being picked up properly. Does anybody know what can be causing this? This seems to be how it was behaving before I added in the SSLCACertificateFile information. Could the Location tag be causing the server to somehow ignore my SSLCACertificateFile? [DOESN'T WORK] : Error code: ssl_error_handshake_failure_alert <VirtualHost _default_:443> DocumentRoot "<path edited>/htdocs" SSLEngine on SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP:+eNULL SSLCertificateFile "<path edited>/Cert/ssl.crt/server.crt" SSLCertificateKeyFile "<path edited>/Cert/ssl.key/server.key" SSLCACertificateFile "<path edited> Cert/ca.cer" <Location /logonWithCertificate> SSLVerifyClient required SSLVerifyDepth 1 </Location> <truncated> Thanks in advance for any insight. -John