Dear all,

I have a working SSL configuration, with client certificate authentication.
The SSLCACertificateFile directive is set so I accept every client who
has a certificate from that CA.

The problem is that since I'm running a web service, not webpages,
I want allow the access for a few clients only.
One way to achieve this to create my own CA and Issue client certificates,=
=20
which I'm doing now.
But my clients have their own certificates issued by eg. Verisign.
Is there a way to allow theese certs while denying the other from the same =
CA?
Can I just somehow directly enumerate the certificates I want to allow,=20
similar to the java truststore concept?

Thank you in advance
Mih=E1ly H=E9der
__________________________________________________ ____________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org