Apache: SSLACARevocation directive issue

Thread Tools Search this Thread
Top Forums Web Development Apache: SSLACARevocation directive issue
# 1  
Old 10-19-2009
Apache: SSLACARevocation directive issue

I am installing a .crl in my apache config. It looks like this:

<VirtualHost default>

DocumentRoot "web" ServerName example.com

SSLEngine on

SSLCertificateFile "cert.crt" SSLCertificateKeyFile "key.key" SSLCertificateChainFile "cert.ca-bundle"

SSLProtocol -all +SSLv3 SSLCipherSuite SSLv3:+HIGH:+MEDIUM

<Directory />

Order deny,allow Allow from all

SSLCACertificateFile "ClientRootCert.crt"

SSLVerifyClient require SSLVerifyDepth 3

SSLCARevocationFile "CRLList.crl"



When Apache is started, I get the error:

SSLCARevocationFile not allowed here

When I place SSLCARevocationFile above the Directory tag, Apache starts, but all client certs are rejected with the message:

ssl_error_expired_cert_alert (both revoked and active certs)

How to solve this?
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Ubuntu

Apache - Files directive does not work

HI guys. when i configure Files in this way: <Files ~ "\.png$"> deny from all </Files> it works. but when defining in this way it doesn't work: <Files /var/www/test/file.png> deny from all </Files> directives are not inside Directory directive. Could someone help? (0 Replies)
Discussion started by: majid.merkava
0 Replies

2. Red Hat

Apache 2.2.17 compile issue.

Hi, I am using RedHat Linux 5.3 64bit OS.. When i try to compile apache 2.2.17. during the make install i am getting the below error. Appreciate your help. rsync: link_stat "/Application/softwares/softwares/httpd-2.2.15/docs/manual/." failed: Permission denied (13) rsync: cannot stat... (4 Replies)
Discussion started by: Krrishv
4 Replies

3. AIX

Apache Installation issue

HI Guys, I got the below error while trying to install the apache2.2.15. from the error I can interpret that some of the .h files are missing. I guess those are C library header files.. Can you help me with it. bash-3.00# make Making all in srclib Making all in apr /bin/sh... (3 Replies)
Discussion started by: kkeng808
3 Replies

4. Web Development

regex in apache Allow from directive

Hi, Does the apache Allow from directive support regular expressions? such as: Allow from ^web11blah\.blah\.blah\.yahoo\.com$ what i want to do: allow access from hosts in the range web1160blah.blah.blah.yahoo.com to web1189blah.blah.blah.yahoo.com notice the 1160 to 1189 range as part... (3 Replies)
Discussion started by: Yogesh Sawant
3 Replies

5. Web Development

Apache 2.0 Issue

I did not see a DocumentRoot entry in apache2.conf so I manually put one. DocumentRoot /mohit I restarted apache services but the the pages do not serve from that location. Can someone tell me what I need to do? (4 Replies)
Discussion started by: mojoman
4 Replies

6. UNIX for Advanced & Expert Users

Apache issue

I am trying to get a number of virtual server running on a linux/apache box. I have the virtual server configure properly. However doesn't matter what happens it allways ends up in the / directory (root for apache) and brings up the default page. If I look at the log files all i ever see is GET /,... (1 Reply)
Discussion started by: frankkahle
1 Replies

7. Solaris

Apache start issue

Hi group, I need help to start apache in following scenario: 1) Say apache is installed on solaris OS by user 'root'. 2) An entry is there in httpd.conf that says to start apache process as user: #User <RUN_AS_USER> is edited as User user1 2) Now say user2 has logged and tries to start... (6 Replies)
Discussion started by: rs266
6 Replies

8. Solaris

Apache config issue

I want to build a little website on a Sun Blade 100 running Solaris 10. I just went out to apache.org and downloaded Unix Source: httpd-2.2.8.tar.gz After unpacking the tarball, I CD'd into the subdirectory and ran the configure utility. Of course, it crapped out. I see that it is... (17 Replies)
Discussion started by: BrewDudeBob
17 Replies

9. Solaris

Apache Configuration issue on Solaris

I seem to have an issue with Apache configurationon our Sun solaris Server. Since there are 2 my_app instances running in parallel, the perl modules in my_app_perl_libs are getting shared between them, even though they are in different directories (/u01/my_app and /u01/my_app8). This is because... (1 Reply)
Discussion started by: rahulrathod
1 Replies

10. UNIX for Dummies Questions & Answers

apache directive only for outside network

I set up a directive for the .htaccess file in one of my web directories. It works fine. Is there a way to force only users outside my internal home network to go through the password authorization? Or, put another way, any user in my network should not have to enter a password. Is that possible? (2 Replies)
Discussion started by: dangral
2 Replies
Login or Register to Ask a Question
apache(1M)                                                System Administration Commands                                                apache(1M)

apache - Apache hypertext transfer protocol server overview DESCRIPTION
apache consists of a main server daemon, loadable server modules, some additional support utilities, configuration files, and documenta- tion. FILES
The apache HTTPD server is integrated with Solaris. The following files specify the installation locations for apache: /etc/apache Contains server configuration files. A newly-installed server must be manually configured before use. Typically this involves copying httpd.conf-example to the httpd.conf file and making local configuration adjustments. /usr/apache/bin Contains the httpd executable as well as other utility programs. /usr/apache/htdocs Contains the Apache manual in HTML format. This documentation is accessible by way of a link on the server test page that gets installed upon fresh installation. /usr/apache/include Contains the Apache header files, which are needed for building various optional server extensions with apxs(8) /usr/apache/jserv Contains documention for the mod_jserv java servlet module. Documention can be read with a web browser using the url: file:/usr/apache/jserv/docs/index.html /usr/apache/libexec Contains loadable modules (DSOs) supplied with the server. Any modules which are added using apxs(8)are also copied into this directory. /usr/apache/man Contains man pages for the server, utility programs, and mod_perl. Add this directory to your MANPATH to read the Apache man pages. See NOTES. /usr/apache/perl5 Contains the modules and library files used by the mod_perl extension to Apache. /var/apache/cgi-bin Default location for the CGI scripts. This can be changed by altering the httpd.conf file and restarting the server. /var/apache/htdocs Default document root. This can be changed by altering the httpd.conf file and restarting the server. /var/apache/icons Icons used by the server. This normally shouldn't need to be changed. /var/apache/logs Contains server log files. The formats, names, and locations of the files in this directory can be altered by various configuration directives in the httpd.conf file. /var/apache/proxy Directory used to cache pages if the caching feature of mod_proxy is enabled in the httpd.conf file. The location of the cache can also be changed by changing the proxy configuration in the httpd.conf file. ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Availability |SUNWapchr | +-----------------------------+-----------------------------+ | |SUNWapchu | +-----------------------------+-----------------------------+ | |SUNWapchd | +-----------------------------+-----------------------------+ SEE ALSO
attributes(5) http://www.apache.org NOTES
In addition to the documentation and man pages included with Solaris, more information is available at http://www.apache.org The Apache man pages are provided with the programming modules. To view the manual pages for the Apache modules with the man command, add /usr/apache/man to the MANPATH environment variable. See man(1) for more information. Running catman(1M) on the Apache manual pages is not supported. SunOS 5.10 8 Aug 2000 apache(1M)