Hm.. I configured modssl to require a client cert
to access a site
SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)-/ )
SSLVerifyClient require
SSLVerifyDepth 5
Then I tried to create a client cert...
openssl req -new -nodes -keyout clientcert.key -out clientcert.csr
Then our CA signed the CSR
openssl x509 -req -in clientcert.csr -out clientcert.crt \
-signkey ca-dff.key -CA ca-dff.crt -CAkey ca-dff.key \
-CAcreateserial -days 14
Our CA root cert is installed in the browser.
I then dropped the clientcert.crt into the browser and installed it.
When I now access the site IE5 opens a box and asks to choose the
client cert. Unfortunately the box is empty!!
I doesn't even show my Thawte Personal Cert!
What am I doing wrong?
--
Torsten
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
