Hi.
Oliver Welter wrote:
> I secured my OpenCA installation with "SSLVerifiyClient", this worked
> fine when I did the config, but seems to be broken by some updates of
> our Server-admins...
>
> I have a htaccess file in my directory containing
> SSLVerifyClient require
> SSLVerifyDepth 3
> SSLRequire %{SSL_CLIENT_M_SERIAL} == "AA"
The following may be related to your problem:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2700
In mod_ssl < 2.8.24 an "SSLVerifyClient require" was ignored under
certain special circumstances.
Juergen
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users
