Apache: SSLACARevocation directive issue

Thread Tools Search this Thread
Top Forums Web Development Apache: SSLACARevocation directive issue
# 1  
Old 10-19-2009
Apache: SSLACARevocation directive issue

I am installing a .crl in my apache config. It looks like this:

<VirtualHost default>

DocumentRoot "web" ServerName example.com

SSLEngine on

SSLCertificateFile "cert.crt" SSLCertificateKeyFile "key.key" SSLCertificateChainFile "cert.ca-bundle"

SSLProtocol -all +SSLv3 SSLCipherSuite SSLv3:+HIGH:+MEDIUM

<Directory />

Order deny,allow Allow from all

SSLCACertificateFile "ClientRootCert.crt"

SSLVerifyClient require SSLVerifyDepth 3

SSLCARevocationFile "CRLList.crl"



When Apache is started, I get the error:

SSLCARevocationFile not allowed here

When I place SSLCARevocationFile above the Directory tag, Apache starts, but all client certs are rejected with the message:

ssl_error_expired_cert_alert (both revoked and active certs)

How to solve this?
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Ubuntu

Apache - Files directive does not work

HI guys. when i configure Files in this way: <Files ~ "\.png$"> deny from all </Files> it works. but when defining in this way it doesn't work: <Files /var/www/test/file.png> deny from all </Files> directives are not inside Directory directive. Could someone help? (0 Replies)
Discussion started by: majid.merkava
0 Replies

2. Red Hat

Apache 2.2.17 compile issue.

Hi, I am using RedHat Linux 5.3 64bit OS.. When i try to compile apache 2.2.17. during the make install i am getting the below error. Appreciate your help. rsync: link_stat "/Application/softwares/softwares/httpd-2.2.15/docs/manual/." failed: Permission denied (13) rsync: cannot stat... (4 Replies)
Discussion started by: Krrishv
4 Replies

3. AIX

Apache Installation issue

HI Guys, I got the below error while trying to install the apache2.2.15. from the error I can interpret that some of the .h files are missing. I guess those are C library header files.. Can you help me with it. bash-3.00# make Making all in srclib Making all in apr /bin/sh... (3 Replies)
Discussion started by: kkeng808
3 Replies

4. Web Development

regex in apache Allow from directive

Hi, Does the apache Allow from directive support regular expressions? such as: Allow from ^web11blah\.blah\.blah\.yahoo\.com$ what i want to do: allow access from hosts in the range web1160blah.blah.blah.yahoo.com to web1189blah.blah.blah.yahoo.com notice the 1160 to 1189 range as part... (3 Replies)
Discussion started by: Yogesh Sawant
3 Replies

5. Web Development

Apache 2.0 Issue

I did not see a DocumentRoot entry in apache2.conf so I manually put one. DocumentRoot /mohit I restarted apache services but the the pages do not serve from that location. Can someone tell me what I need to do? (4 Replies)
Discussion started by: mojoman
4 Replies

6. UNIX for Advanced & Expert Users

Apache issue

I am trying to get a number of virtual server running on a linux/apache box. I have the virtual server configure properly. However doesn't matter what happens it allways ends up in the / directory (root for apache) and brings up the default page. If I look at the log files all i ever see is GET /,... (1 Reply)
Discussion started by: frankkahle
1 Replies

7. Solaris

Apache start issue

Hi group, I need help to start apache in following scenario: 1) Say apache is installed on solaris OS by user 'root'. 2) An entry is there in httpd.conf that says to start apache process as user: #User <RUN_AS_USER> is edited as User user1 2) Now say user2 has logged and tries to start... (6 Replies)
Discussion started by: rs266
6 Replies

8. Solaris

Apache config issue

I want to build a little website on a Sun Blade 100 running Solaris 10. I just went out to apache.org and downloaded Unix Source: httpd-2.2.8.tar.gz After unpacking the tarball, I CD'd into the subdirectory and ran the configure utility. Of course, it crapped out. I see that it is... (17 Replies)
Discussion started by: BrewDudeBob
17 Replies

9. Solaris

Apache Configuration issue on Solaris

I seem to have an issue with Apache configurationon our Sun solaris Server. Since there are 2 my_app instances running in parallel, the perl modules in my_app_perl_libs are getting shared between them, even though they are in different directories (/u01/my_app and /u01/my_app8). This is because... (1 Reply)
Discussion started by: rahulrathod
1 Replies

10. UNIX for Dummies Questions & Answers

apache directive only for outside network

I set up a directive for the .htaccess file in one of my web directories. It works fine. Is there a way to force only users outside my internal home network to go through the password authorization? Or, put another way, any user in my network should not have to enter a password. Is that possible? (2 Replies)
Discussion started by: dangral
2 Replies
Login or Register to Ask a Question
Apache::TestHandler(3pm)				User Contributed Perl Documentation				  Apache::TestHandler(3pm)

Apache::TestHandler - a few response handlers and helpers SYNOPSIS
package My::Test; use Apache::TestHandler (); sub handler { my ($r) = @_; my $result = do_my_test; Apache::TestHandler::ok1 $r, $result; } sub handler2 { my ($r) = @_; my $result = do_my_test; Apache::TestHandler::ok $r, $result; } DESCRIPTION
"Apache::TestHandler" provides 2 very simple response handler. FUNCTIONS
ok $r, $boolean The handler simply prints out "ok" or "not ok" depending on the optional $boolean parameter. If $boolean is omitted "true" is assumed. ok1 $r, $boolean This handler implements a simple response-only test. It can be used on its own to check if for a certain URI the response phase is reached. Or it can be called like a normal function to print out the test result. The client side is automatically created as described in <http://perl.apache.org/docs/general/testing/testing.html#Developing_Response_only_Part_of_a_Test>. $boolean is optional. If omitted "true" is assumed. same_interp_counter same_interp_fixup TODO SEE ALSO
The Apache-Test tutorial: <http://perl.apache.org/docs/general/testing/testing.html>. Apache::Test. AUTHOR
Doug MacEachern, Geoffrey Young, Stas Bekman, Torsten Foertsch and others. Questions can be asked at the test-dev <at> httpd.apache.org list For more information see: http://httpd.apache.org/test/. perl v5.14.2 2011-04-19 Apache::TestHandler(3pm)

Featured Tech Videos