Guys, just to ley you know that I have solved the problem.

The CA cert I was using was bad (wrong extensions set). That is why 
Apache/mod_ssl was saying that it was an invalid CA cert. Using a different 
CA solved my problem and I can use client certs to log on fine now !

Many thanks for your help on this.

Chris...

On Friday 24 October 2003 18:00, Chris Covell wrote:
> Many thanks to those of you who have helped me on this.
>
> Unfortunately I still have the problem. I have also duplicated the problem
> on a completely different environment, so I think it is either me, or the
> certificates I am using !
>
> I have taken all of you advice and set up the web server like this:
>
> SSLCertificateFile            .../conf/ssl.crt/server.crt
> SSLCertificateKeyFile         .../conf/ssl.key/server.key
> SSLCACertificateFile          .../conf/ssl.crt/cacert.crt
>
> SSLVerifyClient require
> SSLVerifyDepth  2
>
> where the cacert.crt file has both the sub and the root CA certificates in
> it.
>
> The error I am getting in the apache log is:
>
> mod_ssl: Certificate Verification Error (24): invalid CA certificate
>

______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to