* Brian Mearns <bmearns@xxxxxxxx> [2009-01-16 14:40]: > First, if I use SSLRequire to check various fields in a client's > certificate, is it implied that the certificate has already been > verified as signed by one of the CA's I've defined in > SSLCACertificateFile, for instance? In other words, this isn't just > checking that someone made a certificate with the correct DN values, > right? It's also verifying implicitly that it comes from an approved > CA? I assume the same is true if I use FakeBasicAuth? http://httpd.apache.org/docs/2.2/en/mod/mod_ssl.html#sslcacertificatefile probably also if interest: http://httpd.apache.org/docs/2.2/en/mod/mod_ssl.html#sslverifyclient http://httpd.apache.org/docs/2.2/en/mod/mod_ssl.html#sslrequiressl etc. cheers, -peter -- peter.schober@xxxxxxxxxxxx - vienna university computer center Universitaetsstrasse 7, A-1010 Wien, Austria/Europe Tel. +43-1-4277-14155, Fax. +43-1-4277-9140 --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|