On Tue, Dec 30, 2008 at 5:08 PM, <postmaster@xxxxxxxxxx> wrote: > SSLCertificateFile prg:/usr/bin/certgenerate > SSLCertificateFile |/usr/bin/certgenerate > SSLCertificateFile exec:/usr/bin/certgenerate None of these syntax are supported, and if they were they wouldn't be evaluated per-request or connection. > How can I specify a certificate dynamically for each request? I don't think this is possible with mod_ssl > The problem is that this generate a security warning in the browser, even when the CA root is imported. > This because the DN host name does not match the real host name, and using a DN of "*" or something like that dosen't help. Since the request follows the handshake, would you even know the hostname being requested at the right time? (SNI aside) -- Eric Covener covener@xxxxxxxxx --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx