--- Comment #5 from Tim Landscheidt <> ---
I played around with it a bit yesterday, but any attempt appeared futile.

On tools-webproxy, I made sure RapidSSL_CA.pem was in /etc/ssl/certs, up to
date and had a symlink.  I've set SSLCACertificatePath to /etc/ssl/certs, shut
down and started up Apache, and still only the server certificate was served
either to online test sites or "echo | openssl s_client -connect | less".

I set SSLCertificateChainFile to which I created
by "cat RapidSSL_CA.pem GeoTrust_Global_CA.pem >", yet: Nada.

I've renamed to to have
Apache read the chained certificate as its only SSLCertificateFile option, and
still only the server certificate was served; and in all cases, after a proper
shutdown & start.

So, Coren, after this experience and recently watching RobH fiddle with
wikitech's certificate for hours to get it right, a checklist: "File x should
have one -- CERTIFICATE -- session", "Directive y should point to file Z", etc.
would be greatly appreciated :-).

You are receiving this mail because:
You are on the CC list for the bug.
Wikibugs-l mailing list

Reply via email to