Gerald Villemure wrote:
> There were no replies so I thought I would repost one final time.
>
> I am running RH6.1 with:
> Server: Apache/1.3.11 (Unix) PHP/3.0.14 mod_ssl/2.5.0 OpenSSL/0.9.4
>
> I am trying to require a client cert with:
> SSLVerifyClient require
>
> And I have my CA's Cert in PEM format under:
> SSLCACertificateFile /usr/local/apache/conf/ssl.crt/ca.crt
>
> Unfortunately my error log says:
> mod_ssl: Certificate Verification: Error (20): unable to get local
> issuer certificate
I've had the same problem some times ago, but now I solved it.
First I make the hash links to my Ca's certificate by running the command
make
Second I checked for the full certificate chain from my CA to my client
certs
founding that I missed an intermediate CA cert.
For intermediate CA cert, I think you _must_ set the
SSLCACertificatePath <path_to_your_ca_certs_folder>
in the httpd.conf file.
I'm not sure this is the rigth solution, but at the moment I know only this
one.
Bye
begin:vcard
n:Di Martino;Paolo
x-mozilla-html:FALSE
org:Omega Generation S.r.l.
adr:;;;;;;
version:2.1
email;internet:[EMAIL PROTECTED]
end:vcard
