Hi!
I have a problem with apache2 running under Debian "sarge": I have two
different CA keys, both having their own CRLs.
SSL-client-authentication against any of these keys fails with the message
"Invalid signature on CRL". However, checking the client certs against
these CA keys directly with the "openssl" tool succeeds:
# openssl verify -verbose -purpose sslclient -CApath /etc/apache2/ssl \
~/client-key.pem
client-key.pem: OK
#
Both CA keys have the same "issuer" string. Could this be a problem for
mod_ssl?
Do you have any hints for me how to debug this problem?
Thanks,
Chris
-- _,, Christian Schwarz
/ o \__ [EMAIL PROTECTED]
! ___; [EMAIL PROTECTED], [EMAIL PROTECTED]
\ /
\\\______/ ! PGP-fp: 8F 61 EB 6D CF 23 CA D7 34 05 14 5C C8 DC 22 BA
\ / http://schwarz-online.com
-.-.,---,-,-..---,-,-.,----.-.-
"DIE ENTE BLEIBT DRAUSSEN!"
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager [EMAIL PROTECTED]
