On March 8, 2012 2:09 , "Durairaj, Srinivasan (NSN - IN/Hyderabad)"
<[email protected]> wrote:
I want to enable HTTPD to support multi-layer certificates (ca chain).
I had 2 options
Option 1:
We can configure SSLCertificateFile (EE file) and SSLCertificateChainFile (CA
Chain)
Option 2:
We can configure SSLCertificateFile (EE+CA Chain)
When we tested we found that Option 1 worked and Option 2 did not.
Any idea if I have missed anything in Option 2 or how to make Option 2 work
HTTP version Is 2.2.3
Why do you think Option 2 should work? What is bad about Option 1?
What problem are you trying to solve?
The documentation is pretty clear.
https://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslcertificatefile
says that the file specified by SSLCetificateFile contains the
certificate for the server and, optionally, the private key. It does
not mention anything about CA certificates. On the other hand,
https://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslcertificatechainfile
says that SSLCertificateChainFile specifies the "all-in-one" file
containing certificates from the server certificate up through and
including the root CA certificate.
--
Mark Montague
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
