Oliver.Schaudt@unilog.de wrote:
> Perhaps
> SSLVerifyClient require
> Default is
> SSLVerifyClient none

Good idea, but this is set already (otherwise the
client would not authentify with the certificate)
for this virtual host. Moving it into the directory
section does not change anything either. And VerifyDepth
is set, too...


Dipl.Inform. Olaf Gellert PRESECURE (R)
Senior Researcher, Consulting GmbH
Phone: (+49) 0700 / PRESECURE og@pre-secure.de

A daily view on Internet Attacks

__________________________________________________ ____________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org