Marc Jadoul wrote:
>
> Hi,
>
> >From RFC2246 (TLS V1.0)
>
> certificate_list
> This is a sequence (chain) of X.509v3 certificates. The sender's
> certificate must come first in the list. Each following
> certificate must directly certify the one preceding it. Because
> certificate validation requires that root keys be distributed
> independently, the self-signed certificate which specifies the
> root certificate authority may optionally be omitted from the
> chain, under the assumption that the remote end must already
> possess it in order to validate it in any case.
>
> In mod_ssl there is a chain for client auhentication
> (SSLCACertificatePath,
> SSLCACertificateFile ), but i do not see where to configure the chain
> for the server certificate.
>
> Is there somewhere a possibility to configure this chain to send with
> the server certificate ?
>
Isn't it the SSLCACertificatePath ??
See ya,
Massimiliano Pala ([EMAIL PROTECTED])
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
