Login or Register to Ask a Question and Join Our Community


Web Development

Apache: SSLACARevocation directive issue

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Web Development Apache: SSLACARevocation directive issue
# 1  
Old 10-19-2009
Apache: SSLACARevocation directive issue
I am installing a .crl in my apache config. It looks like this:

Code:
<VirtualHost default>

DocumentRoot "web" ServerName example.com

SSLEngine on

SSLCertificateFile "cert.crt" SSLCertificateKeyFile "key.key" SSLCertificateChainFile "cert.ca-bundle"

SSLProtocol -all +SSLv3 SSLCipherSuite SSLv3:+HIGH:+MEDIUM

<Directory />

Order deny,allow Allow from all

SSLCACertificateFile "ClientRootCert.crt"

SSLVerifyClient require SSLVerifyDepth 3

SSLCARevocationFile "CRLList.crl"

</Directory>

</VirtualHost>

When Apache is started, I get the error:

SSLCARevocationFile not allowed here

When I place SSLCARevocationFile above the Directory tag, Apache starts, but all client certs are rejected with the message:

ssl_error_expired_cert_alert (both revoked and active certs)

How to solve this?
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Ubuntu

Apache - Files directive does not work

HI guys. when i configure Files in this way: <Files ~ "\.png$"> deny from all </Files> it works. but when defining in this way it doesn't work: <Files /var/www/test/file.png> deny from all </Files> directives are not inside Directory directive. Could someone help? (0 Replies)
Discussion started by: majid.merkava
0 Replies

2. Red Hat

Apache 2.2.17 compile issue.

Hi, I am using RedHat Linux 5.3 64bit OS.. When i try to compile apache 2.2.17. during the make install i am getting the below error. Appreciate your help. rsync: link_stat "/Application/softwares/softwares/httpd-2.2.15/docs/manual/." failed: Permission denied (13) rsync: cannot stat... (4 Replies)
Discussion started by: Krrishv
4 Replies

3. AIX

Apache Installation issue

HI Guys, I got the below error while trying to install the apache2.2.15. from the error I can interpret that some of the .h files are missing. I guess those are C library header files.. Can you help me with it. bash-3.00# make Making all in srclib Making all in apr /bin/sh... (3 Replies)
Discussion started by: kkeng808
3 Replies

4. Web Development

regex in apache Allow from directive

Hi, Does the apache Allow from directive support regular expressions? such as: Allow from ^web11blah\.blah\.blah\.yahoo\.com$ what i want to do: allow access from hosts in the range web1160blah.blah.blah.yahoo.com to web1189blah.blah.blah.yahoo.com notice the 1160 to 1189 range as part... (3 Replies)
Discussion started by: Yogesh Sawant
3 Replies

5. Web Development

Apache 2.0 Issue

I did not see a DocumentRoot entry in apache2.conf so I manually put one. DocumentRoot /mohit I restarted apache services but the the pages do not serve from that location. Can someone tell me what I need to do? (4 Replies)
Discussion started by: mojoman
4 Replies

6. UNIX for Advanced & Expert Users

Apache issue

I am trying to get a number of virtual server running on a linux/apache box. I have the virtual server configure properly. However doesn't matter what happens it allways ends up in the / directory (root for apache) and brings up the default page. If I look at the log files all i ever see is GET /,... (1 Reply)
Discussion started by: frankkahle
1 Replies

7. Solaris

Apache start issue

Hi group, I need help to start apache in following scenario: 1) Say apache is installed on solaris OS by user 'root'. 2) An entry is there in httpd.conf that says to start apache process as user: #User <RUN_AS_USER> is edited as User user1 2) Now say user2 has logged and tries to start... (6 Replies)
Discussion started by: rs266
6 Replies

8. Solaris

Apache config issue

I want to build a little website on a Sun Blade 100 running Solaris 10. I just went out to apache.org and downloaded Unix Source: httpd-2.2.8.tar.gz After unpacking the tarball, I CD'd into the subdirectory and ran the configure utility. Of course, it crapped out. I see that it is... (17 Replies)
Discussion started by: BrewDudeBob
17 Replies

9. Solaris

Apache Configuration issue on Solaris

I seem to have an issue with Apache configurationon our Sun solaris Server. Since there are 2 my_app instances running in parallel, the perl modules in my_app_perl_libs are getting shared between them, even though they are in different directories (/u01/my_app and /u01/my_app8). This is because... (1 Reply)
Discussion started by: rahulrathod
1 Replies

10. UNIX for Dummies Questions & Answers

apache directive only for outside network

I set up a directive for the .htaccess file in one of my web directories. It works fine. Is there a way to force only users outside my internal home network to go through the password authorization? Or, put another way, any user in my network should not have to enter a password. Is that possible? (2 Replies)
Discussion started by: dangral
2 Replies
Login or Register to Ask a Question

LEARN ABOUT REDHAT

httpd

httpd(8)						      System Manager's Manual							  httpd(8)

NAME

       httpd - Apache hypertext transfer protocol server

SYNOPSIS

       httpd [ -d serverroot ] [ -f config ] [ -C directive ] [ -c directive ] [ -D parameter ]

       httpd [ -h ] [ -l ] [ -L ] [ -v ] [ -V ] [ -t ] [ -X ]

DESCRIPTION

       httpd  is  the Apache HyperText Transfer Protocol (HTTP) server program. It is designed to be run as a standalone daemon process. When used
       like this it will create a pool of child processes to handle requests. To stop it, send a TERM signal to the initial (parent) process.  The
       PID of this process is written to a file as given in the configuration file.

       This  manual  page only lists the command line arguments. For details of the directives necessary to configure httpd see the Apache manual,
       which is part of the Apache distribution or can be found at http://httpd.apache.org/. Paths in this manual may not reflect  those  compiled
       into httpd.

OPTIONS

       -d serverroot
		   Set	the initial value for the ServerRoot directive to serverroot. This can be overridden by the ServerRoot command in the con-
		   figuration file. The default is /etc/httpd.

       -f config   Execute the commands in the file config on startup. If config does not begin with a /, then it is taken to be a  path  relative
		   to the ServerRoot. The default is conf/httpd.conf.

       -C directive
		   Process the configuration directive before reading config files.

       -c directive
		   Process the configuration directive after reading config files.

       -D parameter
		   Sets  a  configuration  parameter which can be used with <IfDefine>...</IfDefine> sections in the configuration files to condi-
		   tionally skip or process commands.

       -h	   Output a short summary of available command line options.

       -l	   Output a list of modules compiled into the server.

       -L	   Output a list of directives together with expected arguments and places where the directive is valid.

       -S	   Show the settings as parsed from the config file (currently only shows the virtualhost settings).

       -t	   Run syntax tests for configuration files only. The program immediately exits after these syntax parsing with  either  a  return
		   code of 0 (Syntax OK) or return code not equal to 0 (Syntax Error).	If -D DUMP_VHOSTS is also set, details of the virtual host
		   configuration will be printed.

       -v	   Print the version of httpd , and then exit.

       -V	   Print the version and build parameters of httpd , and then exit.

       -X	   Run httpd in debug mode.  Only one worker will be started and the server will not detach from the console.

FILES

       /etc/httpd/conf/httpd.conf
       /etc/mime.types
       /etc/httpd/conf/magic
       /var/log/httpd/error_log
       /var/log/httpd/access_log
       /var/run/httpd.pid

								   February 1997							  httpd(8)