thanks that works, a little tricky if you want to use SSLVerifyClient optional, as it 403s everything in that case instead just not filling in the client variables. But I can always do that programmaticaly if I need it. -- View this message in context: http://www.nabble.com/Client-Verification-with-sub-ca%27s-tp22469681p22478223.html Sent from the mod_ssl - Users mailing list archive at Nabble.com.
______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager majord...@modssl.org