Dear all, I have a working SSL configuration, with client certificate authentication. The SSLCACertificateFile directive is set so I accept every client who has a certificate from that CA.
The problem is that since I'm running a web service, not webpages, I want allow the access for a few clients only. One way to achieve this to create my own CA and Issue client certificates, which I'm doing now. But my clients have their own certificates issued by eg. Verisign. Is there a way to allow theese certs while denying the other from the same CA? Can I just somehow directly enumerate the certificates I want to allow, similar to the java truststore concept? Thank you in advance Mihály Héder ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager [EMAIL PROTECTED]