httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dennis Birkholz <>
Subject [users@httpd] SSL: CA-Certificate is not sent to browser with SSLCACertificatePath
Date Mon, 29 Sep 2008 06:29:10 GMT

I have a strange problem using SSL with apache 2.2.9 on Gentoo-Linux
(mod_ssl 2.2.9 and OpenSSL 0.9.8g):

I have two servers running with exactly the same apache and openssl
binaries. On one server i can use the SSLCACertificatePath directive to
let apache send the CA chain to the browser (self-signed root ca +
intermediate ca), the browser gets the complete chain.
On the other server i use the same chain with another certificate signed
by the intermediate ca, the browser gets only the certificate but no ca
certificates. If i use SSLCertificateChainFile the browser gets the
complete chain.

The apache/mod_ssl debug log on both servers I see a lot of "[Mon Sep 29
07:45:40 2008] [debug] ssl_engine_init.c(1092): CA certificate:
/C=DE/..." lines so the ca certificates are read correctly from the
folder on both systems.

On both servers I use the same SSLCipherSuite entry and the
configuration except for the virtual hosts is complete equal.

The working server is running mod_perl, the other server uses no
mod_perl but mod_php5, that is the only difference.

Has anybody an idea how to fix this?


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message