Dear all,

I have a working SSL configuration, with client certificate authentication.
The SSLCACertificateFile directive is set so I accept every client who
has a certificate from that CA.

The problem is that since I'm running a web service, not webpages,
I want allow the access for a few clients only.
One way to achieve this to create my own CA and Issue client certificates, 
which I'm doing now.
But my clients have their own certificates issued by eg. Verisign.
Is there a way to allow theese certs while denying the other from the same CA?
Can I just somehow directly enumerate the certificates I want to allow, 
similar to the java truststore concept?

Thank you in advance
Mihály Héder
Apache Interface to OpenSSL (mod_ssl)         
User Support Mailing List            
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to