httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Michele Mase'" <michele.m...@gmail.com>
Subject [users@httpd] Re: mod_ssl help
Date Sun, 03 Mar 2013 20:33:04 GMT
Anyone?


On Fri, Mar 1, 2013 at 7:39 PM, Michele Mase' <michele.mase@gmail.com>wrote:

> I'm testing a client authentication using:
>
> SSLCACertificateFile /path/to/pemfile.pem
> <LocationMatch "/test">
>         SSLVerifyClient require
>         SSLVerifyDepth 2
>         SSLOptions +StdEnvVars +ExportCertData
>         SSLRequire  %{SSL_CLIENT_I_DN} eq "/C=US/O=acme/OU=acme/CN=acme"
> /LocationMatch>
>
>
> I should use two different CA with the same DN (file /path/to/pemfile.pem)
> When i try to use this configuration I receive:
> Access totest denied for 10.10.10.10 (requirement expression not fulfilled)
> Failed expression: %{SSL_CLIENT_I_DN} eq ...
>
> The only way it works is without the SSLRequire directive.
> or
> Using only one CA in the file (file /path/to/pemfile.pem)
>
> Some suggestions?
>
> Regards
> Michele Masè
>

Mime
View raw message