Apache2.2-mod-ssl: No whitelisting of certificates?
just a question about the mod_ssl in Apache2.2:
I am currently porting an application that makes use of client
certificates from Apache1.3 to Apache2.2.
Apache1.3 used a whitelisting mechanism, i.e. a certificate was
accepted only if was listed in /etc/ssl/certs.
In contrast, Apache2.2 does not seem to do any whitelisting, instead
it checks a CRL file in /etc/ssl/revoke, i.e. does a blacklisting.
Is there any chance to have whitelisting with Apache2.2 (except for
Apache Interface to OpenSSL (mod_ssl) [url]www.modssl.org[/url]
User Support Mailing List [email]email@example.com[/email]
Automated List Manager [email]firstname.lastname@example.org[/email]