httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aman Raheja <>
Subject [users@httpd] client cert auth issue
Date Mon, 06 Jun 2005 19:01:22 GMT
1. apache 2.0.54 on Sol 8

2. I have the following in a vhost used for client auth proxy

    SSLProxyEngine On
    SSLVerifyDepth 4
    SSLProxyVerify require
    SSLProxyCACertificateFile "/usr/local/apache/server2/ssl/CA.pem"

3. When I run the following on command line
openssl s_client -connect >servername>:443 -cert 
/usr/local/apache/server2/ssl/client.pem -CAfile 

I get, in the last line
    Verify return code: 0 (ok)

which verifies my certs.

4. But through the browser I get Internal Server Error and in the error log

[Mon Jun 06 13:58:39 2005] [error] Certificate Verification: Certificate 
Chain too long (chain has 4 certificates, but maximum allowed are only 1)

5. Now, my CA has a chain of 4 certs and I have specified the 
SSLVerifyDepth in the config to be 4.
What's missing?


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message