You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by ab...@dgi.finances.gouv.fr on 2006/03/21 15:26:34 UTC

[users@httpd] SSLCARevocationFile

Hello
I built a web server with apache 2.xx. I secure the access with 
SSLVerifyClient directive
Next I revoke a certificate and then generate my crl. I can verify that 
the revocated certificate is in the crl.
Pb I'm still able to connect the server with my revocated certificate.
Here's my httpd.conf:

<VirtualHost 10.227.30.20:443>
DocumentRoot "/var/www/serveur/serverssl/html"
ServerName serverssl
ServerAdmin root@serverssl
ErrorLog logs/error_ssl_log
TransferLog logs/access_ssl_log
SSLEngine on
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
SSLCertificateFile /etc/ssl/cassl/serverssl.pem
SSLCertificateKeyFile /etc/ssl/cassl/serverssl.key
SSLCACertificatePath /etc/ssl/cassl
SSLCACertificateFile /etc/ssl/cassl/trustees.pem
SSLCARevocationFile /etc/ssl/crl/crl.pem
SSLVerifyClient require
SSLVerifyDepth 10
</VirtualHost>


Any help would be great