How to accept only certain client certificates
I have a working SSL configuration, with client certificate authentication.
The SSLCACertificateFile directive is set so I accept every client who
has a certificate from that CA.
The problem is that since I'm running a web service, not webpages,
I want allow the access for a few clients only.
One way to achieve this to create my own CA and Issue client certificates,=
which I'm doing now.
But my clients have their own certificates issued by eg. Verisign.
Is there a way to allow theese certs while denying the other from the same =
Can I just somehow directly enumerate the certificates I want to allow,=20
similar to the java truststore concept?
Thank you in advance
Apache Interface to OpenSSL (mod_ssl) [url]www.modssl.org[/url]
User Support Mailing List [email]email@example.com[/email]
Automated List Manager [email]firstname.lastname@example.org[/email]