thanks that works, a little tricky if you want to use SSLVerifyClient
optional, as it 403s everything in that case instead of just not filling in
the client variables. But I can always do that programmaticaly if I need it.
--
View this message in context:
http://www.nabble.com/Client-Verificatio
thanks that works, a little tricky if you want to use SSLVerifyClient
optional, as it 403s everything in that case instead just not filling in the
client variables. But I can always do that programmaticaly if I need it.
--
View this message in context:
http://www.nabble.com/Client-Verification-w
: Client Verification with sub ca's
I have a self signed ca, with multiple sub-ca's.
root
-sub-ca1
-sub-ca2
-server
I sign client certificates with either -sub-ca1 or -sub-ca2, and use server
to sign certificates for the actual website. So in my apache config, i have
this:
SS
I have a self signed ca, with multiple sub-ca's.
root
-sub-ca1
-sub-ca2
-server
I sign client certificates with either -sub-ca1 or -sub-ca2, and use server
to sign certificates for the actual website. So in my apache config, i have
this:
SSLEngine on
SSLOptions +stdEnvVars