httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sander Temme <scte...@apache.org>
Subject Re: [users@httpd] Verisign signatures with Apache server
Date Tue, 09 Jan 2007 18:46:36 GMT

On Jan 9, 2007, at 10:31 AM, Purswani, Prakash wrote:

> Thanks Sander, It worked now I m not getting Session error anymore  
> but still Apache is not able to start and throwing the following  
> error:
>
> ssl-error_log has the following error message :    [error] Unable  
> to configure verify locations for client authentication

It may be that the server is confused between the  
SSLCACertificateFile and SSLCACertificatePath directives, which both  
appear in your configuration snippet. Do you have the cert files set  
up as required for the latter directive? Perhaps you should remove one.

Also, you might consider using SSLCACertificateChainFile to point to  
the server certificate chain.  See also:

http://httpd.apache.org/docs/2.0/mod/ 
mod_ssl.html#sslcertificatechainfile

That leaves you with SSLCACertificateFile to point directly to the CA  
certificate file for which you require your client certificates to  
have signatures.  See also:

http://httpd.apache.org/docs/2.0/ssl/ssl_howto.html#accesscontrol

S.

-- 
sctemme@apache.org            http://www.temme.net/sander/
PGP FP: 51B4 8727 466A 0BC3 69F4  B7B8 B2BE BC40 1529 24AF



Mime
View raw message