Tridib,
I have a similar configuration as you have illustrated. I was able to get client
authentication to work with apache_1.3.14 with mod_ssl_2.7.1 and openssl 0.9.5a. I
couldn't get client authentication to
work with a chain for apache_1.3.12. Try upgrading to apache 1.3.14 and see if that
works.
For CRLs, I placed each of the CRLs into a CRL directory. I then ran the make command
to create the hash links to each of the CRLs. It worked correctly.
Hope this helps.
Lorrayne
Tridib wrote:
> Hi
>
> Could you please help me how can I implement client authentication if there is
>multiple certificate chain. I am usnig Apache_1.3.12+ Ben's SSL_1.40(Linux) and
>certificate chain looks like following:
>
> CERTIFICATE CHAIN HIERARCHY
>
> Root Certificate
> --------------------------------------------
> | | | |
> | | | |
> | | | |
> | | | |
> | | | |
> CA1 CA2 CA3 CA4 (Certification Authority)
> | | | |
> | | | |
> | | | |
> Client Client Client Client
> Cert1 Cert2 Cert3 Cert4
>
> Please also suggest how CRLs (because I guess there will four CRLs signed by four
>CAs) can be checked before client authentication.
>
> Thank you
> Tridib
>
> _____________________________________________________
> Chat with your friends as soon as they come online. Get Rediff Bol at
> http://bol.rediff.com
>
> _____________________________________________________
> Chat with your friends as soon as they come online. Get Rediff Bol at
> http://bol.rediff.com
>
> ______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
