httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From domi <>
Subject Re: [users@httpd] Problem with revoked certificates.
Date Sun, 04 Feb 2007 18:27:41 GMT

Joost wrote:

Joost de Heer wrote:
> domi wrote:
> [Question about CRLs]
>> <VirtualHost _default_:443>
>> ServerName
>> Errorlog /opt/exampleca/ssl_error_log
>> Transferlog /opt/exampleca/ssl_access_log
>> SSLEngine on
>> SSLProtocol all
>> SSLCertificateFile /some/path/01.pem
>> SSLCertificateKeyFile /some/path/testkey.pem
>> SSLCertificateChainFile /some/path/cacert.pem
>> </VirtualHost>
> You are missing a SSLCARevocationFile directive. Apache should check the
> CRL, not the browser.
> Joost

Hello Joost,
thank you for your answer. I have a question concerning it. The definition
says the following:
<This directive sets the all-in-one file where you can assemble the
Certificate Revocation Lists (CRL) of Certification <Authorities (CA) whose
clients you deal with. These are used for Client Authentication. ...
As I understand this definition it is just for client authentication which I
don't want to deal with. (Not yet.)
Or do I misunderstand the definition?

best regards domi
View this message in context:
Sent from the Apache HTTP Server - Users mailing list archive at

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message