Weird problem with client certificates

Weird problem with client certificates

am 04.04.2006 16:31:43 von Hostmaster Leadtracking

Hello,

we are running Apache 2.0.53 with openssl 0.9.7e on linux. There's a
weird problem using client certificates. When accessing
"/srv/www/ssldocs/secure" via https://www.domain.com/secure there's
absolutely no client certificate checked. Access is possible without
valid cert. My vhost is written like shown on modssl.org, I tried every
possible combination, but no success. After reading numerous faq's and
bbs and finding nothing about that problem, I wanted to ask, if anybody
knows about this problem or has as solution for this.

Thanks alot so far,


Alex


DocumentRoot /srv/www/ssldocs
ServerName SSL

SSLEngine on
SSLCipherSuite HIGH:MEDIUM
SSLOptions +StdEnvVars +StrictRequire
SSLCertificateFile /etc/apache2/ssl.crt/server.crt
SSLCertificateKeyFile /etc/apache2/ssl.key/server.key

SSLVerifyClient none
SSLVerifyDepth 5
SSLCACertificateFile /etc/apache2/ssl.crt/clientca.crt
SSLCACertificatePath /etc/apache2/ssl.crt


SSLVerifyClient require
SSLRequireSSL




____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org