Date: Thu, 28 Aug 1997 20:35:12 -0400 From: Chris Shenton <cshenton@it.hq.nasa.gov> To: questions@freebsd.org Subject: apache-ssl -- can't verify cert (MORE) Message-ID: <199708290035.AAA28163@wirehead.it.hq.nasa.gov>
next in thread | raw e-mail | index | archive | help
I forgot to mention: although the apache-ssl server cannot verify the client cert, it *will* do SSL between client and server. I tell the client not to return to the server one of my client certs. The server is configured in httpd.conf with: # Set SSLVerifyClient to: # 0 if no certicate is required # 1 if the client may present a valid certificate # 2 if the client must present a valid certificate # 3 if the client may present a valid certificate but it is not required to # have a valid CA SSLVerifyClient 3 So it doesn't require the client to submit one. Hummm... #1 requires a valid CA, but #3 does not. So I really don't know why it fails me when it can't verify the client cert. This means that a majority of the SSL is working fine -- that it simply cannot validate the client's cert.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199708290035.AAA28163>