Hello, I have a strange problem using SSL with apache 2.2.9 on Gentoo-Linux (mod_ssl 2.2.9 and OpenSSL 0.9.8g): I have two servers running with exactly the same apache and openssl binaries. On one server i can use the SSLCACertificatePath directive to let apache send the CA chain to the browser (self-signed root ca + intermediate ca), the browser gets the complete chain. On the other server i use the same chain with another certificate signed by the intermediate ca, the browser gets only the certificate but no ca certificates. If i use SSLCertificateChainFile the browser gets the complete chain. The apache/mod_ssl debug log on both servers I see a lot of "[Mon Sep 29 07:45:40 2008] [debug] ssl_engine_init.c(1092): CA certificate: /C=DE/..." lines so the ca certificates are read correctly from the folder on both systems. On both servers I use the same SSLCipherSuite entry and the configuration except for the virtual hosts is complete equal. The working server is running mod_perl, the other server uses no mod_perl but mod_php5, that is the only difference. Has anybody an idea how to fix this? Thanks, Dennis --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|