httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sterpu Victor" <vic...@caido.ro>
Subject [users@httpd] SSL - How client certificates are verified?
Date Sun, 23 Aug 2015 06:51:10 GMT
Hello

I have a web page that asks for client certificate.
These are the options for this:

SSLVerifyClient require
SSLVerifyDepth 10

How does SSLVerifyClient  verifies the client certificate?
This option protects against certificates manual made with a fake 
public-private key pair?
So can someoane make a certificate identical with the original, attach 
another set of public and private keys and pretend to be someoane else?

Thank you

---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus


Mime
View raw message