Problem was my CA cert file ( incorrect setting )
(it's the little things....)
----- Original Message -----
From: "Ron Gedye" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, September 11, 2002 4:15 PM
Subject: [Openca-Users] Fw: SSLVerifyClient statements causing problems?
> Figured I'd post here as well. Apache question related to SSL & OpenCA
>
> Having trouble with running https now that I've tried to enable client
auth
> via certs.
> Didn't find much on the web to directly address this (and I'll now dream
of
> httpd.conf files and SSLxxxx statements in my sleep)
> [ Full information and error listed below ]
>
> Been through the docs @ modssl.org & apache.org; can't see what I'm doing
> wrong.
>
> Any insight would be appreciated
>
> Thanks again.
>
> Ron
>
>
> ----- Original Message -----
> From: "Ron Gedye" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Wednesday, September 11, 2002 2:46 PM
> Subject: SSLVerifyClient statements causing problems?
>
>
> > Hello List....
> >
> > I searched the archives and saw a few mentions of the error that I am
> > seeing, but no solid solutions so here goes...
> >
> >
> > In attempting to use client certificates to provide/restrict access to
> > certain portions of my website I am encountering problems.
> >
> > Apache 1.3.26, mod_ssl 2.8.10, OpenSSL 0.9.7-b2
> >
> > I believe my syntax is correct as no errors are reported when starting
> > apache.
> > However, the server dies hard (leaving pid file) with the error in both
> > errorlog & ssl_engine_errorlog of:
> > "Unable to configure verify locations for client authentication"
> >
> > This is the only error.
> >
> > Example of syntax:
> >
> > <Directory "/pub">
> > SSLVerifyClient none
> > </Directory>
> >
> > <Directory "/private">
> > SSLVerifyClient require
> > SSLVerifyDepth 1
> > SSLOptions +FakeBasicAuth
> > SSLRequire ( %{SSL_CLIENT_S_DN_O} eq "MyOrg" )
> > </Directory>
> >
> >
> > I have my SSLCACertificatePath & File set as well as the
> SSLCARevocation...
> > (Self signed CA via OpenCA 0.9.1 RC4)
> >
> > Stumped on this one, (Not hard for a newby) everything was fine before
> > attempting the access restrictions.
> >
> > Pointers Please.....
> >
> > Thanks in advance
> >
> > Ron
> >
> > ______________________________________________________________________
> > Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> > User Support Mailing List [EMAIL PROTECTED]
> > Automated List Manager [EMAIL PROTECTED]
> >
>
>
>
> -------------------------------------------------------
> In remembrance
> www.osdn.com/911/
> _______________________________________________
> Openca-Users mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/openca-users
>
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
