Hello,
we are running Apache 2.0.53 with openssl 0.9.7e on linux. There's a
weird problem using client certificates. When accessing
"/srv/www/ssldocs/secure" via https://www.domain.com/secure there's
absolutely no client certificate checked. Access is possible without
valid cert. My vhost is written like shown on modssl.org, I tried every
possible combination, but no success. After reading numerous faq's and
bbs and finding nothing about that problem, I wanted to ask, if anybody
knows about this problem or has as solution for this.
Thanks alot so far,
Alex
<VirtualHost *:443>
DocumentRoot /srv/www/ssldocs
ServerName SSL
SSLEngine on
SSLCipherSuite HIGH:MEDIUM
SSLOptions +StdEnvVars +StrictRequire
SSLCertificateFile /etc/apache2/ssl.crt/server.crt
SSLCertificateKeyFile /etc/apache2/ssl.key/server.key
SSLVerifyClient none
SSLVerifyDepth 5
SSLCACertificateFile /etc/apache2/ssl.crt/clientca.crt
SSLCACertificatePath /etc/apache2/ssl.crt
<Directory "/srv/www/ssldocs/secure">
SSLVerifyClient require
SSLRequireSSL
</Directory>
</VirtualHost>
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users [at] modssl.org
Automated List Manager majordomo [at] modssl.org
