The UNIX and Linux Forums  
Hello and Welcome from United States to the UNIX and Linux Forums! Thank You for Visiting and Joining Our Global Community.

Go Back   The UNIX and Linux Forums > Special Forums > Web Programming, Web 2.0 and Mashups
Apache: SSLACARevocation directive issue Apache: SSLACARevocation directive issue
.
google unix.com

Forums Register Forum RulesLinksAlbums FAQ Members List Calendar Search Today's Posts Mark Forums Read


Web Programming, Web 2.0 and Mashups Discuss Web Programming and Web Server Administration, including LAMP, Apache, MySQL, Flash, HTML, SEO, Mashups and other Web APIs and topics.

More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
regex in apache Allow from directive Yogesh Sawant Web Programming, Web 2.0 and Mashups 3 03-29-2009 03:29 PM
Apache 2.0 Issue mojoman Web Programming, Web 2.0 and Mashups 4 01-12-2009 05:38 AM
Apache issue frankkahle UNIX for Advanced & Expert Users 1 11-12-2008 05:27 PM
Apache start issue rs266 SUN Solaris 6 08-21-2008 11:17 AM
apache directive only for outside network dangral UNIX for Dummies Questions & Answers 2 02-06-2005 09:19 AM

Reply
English Japanese Spanish French German Portuguese Italian Dutch Swedish Russian Norwegian Hungarian Hebrew Danish Bulgarian Greek Powered by Powered by Google
 
LinkBack Thread Tools Search this Thread Rate Thread Display Modes
  #1 (permalink)  
Old 10-19-2009
DocBrewer DocBrewer is offline
Registered User
  
 

Join Date: Apr 2008
Posts: 6
Apache: SSLACARevocation directive issue
I am installing a .crl in my apache config. It looks like this:

Code:

<VirtualHost default>

DocumentRoot "web" ServerName example.com

SSLEngine on

SSLCertificateFile "cert.crt" SSLCertificateKeyFile "key.key" SSLCertificateChainFile "cert.ca-bundle"

SSLProtocol -all +SSLv3 SSLCipherSuite SSLv3:+HIGH:+MEDIUM

<Directory />

Order deny,allow Allow from all

SSLCACertificateFile "ClientRootCert.crt"

SSLVerifyClient require SSLVerifyDepth 3

SSLCARevocationFile "CRLList.crl"

</Directory>

</VirtualHost>
When Apache is started, I get the error:

SSLCARevocationFile not allowed here

When I place SSLCARevocationFile above the Directory tag, Apache starts, but all client certs are rejected with the message:

ssl_error_expired_cert_alert (both revoked and active certs)

How to solve this?
Reply

Bookmarks

Tags
apache, certificate, httpd.conf

« Flush Ads - Is this code overriding my ads? | Problem with image display stored outside webserver in Unix? »
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes Rate This Thread
Hybrid Mode Hybrid Mode
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -4. The time now is 09:08 PM.

The UNIX and Linux Forums - Learn UNIX and UNIX Commands RSS Feeds - Contact Us - The UNIX and Linux Forums - Learn UNIX and UNIX Commands - Archive - Top

Powered by: vBulletin, Copyright ©2000 - 2006, Jelsoft Enterprises Limited. Language Translations Powered by .
vBCredits v1.4 Copyright ©2007 - 2008, PixelFX Studios
The UNIX and Linux Forums Content Copyright ©1993-2009. All Rights Reserved.Ad Management by RedTyger

Content Relevant URLs by vBSEO 3.2.0