Re: [Openca-Users] Fw: SSLVerifyClient statements causing problems?

Re: [Openca-Users] Fw: SSLVerifyClient statements causing problems?

am 12.09.2002 00:12:47 von Ron Gedye

Problem was my CA cert file ( incorrect setting )

(it's the little things....)

----- Original Message -----
From: "Ron Gedye"
To:
Sent: Wednesday, September 11, 2002 4:15 PM
Subject: [Openca-Users] Fw: SSLVerifyClient statements causing problems?


> Figured I'd post here as well. Apache question related to SSL & OpenCA
>
> Having trouble with running https now that I've tried to enable client
auth
> via certs.
> Didn't find much on the web to directly address this (and I'll now dream
of
> httpd.conf files and SSLxxxx statements in my sleep)
> [ Full information and error listed below ]
>
> Been through the docs @ modssl.org & apache.org; can't see what I'm doing
> wrong.
>
> Any insight would be appreciated
>
> Thanks again.
>
> Ron
>
>
> ----- Original Message -----
> From: "Ron Gedye"
> To:
> Sent: Wednesday, September 11, 2002 2:46 PM
> Subject: SSLVerifyClient statements causing problems?
>
>
> > Hello List....
> >
> > I searched the archives and saw a few mentions of the error that I am
> > seeing, but no solid solutions so here goes...
> >
> >
> > In attempting to use client certificates to provide/restrict access to
> > certain portions of my website I am encountering problems.
> >
> > Apache 1.3.26, mod_ssl 2.8.10, OpenSSL 0.9.7-b2
> >
> > I believe my syntax is correct as no errors are reported when starting
> > apache.
> > However, the server dies hard (leaving pid file) with the error in both
> > errorlog & ssl_engine_errorlog of:
> > "Unable to configure verify locations for client authentication"
> >
> > This is the only error.
> >
> > Example of syntax:
> >
> >
> > SSLVerifyClient none
> >
> >
> >
> > SSLVerifyClient require
> > SSLVerifyDepth 1
> > SSLOptions +FakeBasicAuth
> > SSLRequire ( %{SSL_CLIENT_S_DN_O} eq "MyOrg" )
> >
> >
> >
> > I have my SSLCACertificatePath & File set as well as the
> SSLCARevocation...
> > (Self signed CA via OpenCA 0.9.1 RC4)
> >
> > Stumped on this one, (Not hard for a newby) everything was fine before
> > attempting the access restrictions.
> >
> > Pointers Please.....
> >
> > Thanks in advance
> >
> > Ron
> >
> > ____________________________________________________________ __________
> > Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> > User Support Mailing List modssl-users@modssl.org
> > Automated List Manager majordomo@modssl.org
> >
>
>
>
> -------------------------------------------------------
> In remembrance
> www.osdn.com/911/
> _______________________________________________
> Openca-Users mailing list
> Openca-Users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openca-users
>

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org