Hi, As we know, directive SSLVerifyClient in mod_ssl can be used for Client Authentication
SSLVerifyClient require It means the client *has to* present a valid Certificate However, for specific purpose, I only want to verify: whether client's certificate is issued by trusted CA. I do not want to verify common name in client's certificate. In another word, if the client certificate is issued by trusted CA, even its common name is not matched, we can also consider this client certificate is valid. How to configure Apache for such purpose? Thanks! Br, Jason