On Tue, Jul 13, 2010 at 3:23 AM, galaft wang <galaft@xxxxxxxxx> wrote: > Hi, > > As we know, directive SSLVerifyClient in mod_ssl can be used for Client > Authentication > > SSLVerifyClient require > > It means the client has to present a valid Certificate > > However, for specific purpose, I only want to verify: whether client's > certificate is issued by trusted CA. > I do not want to verify common name in client's certificate. > In another word, if the client certificate is issued by trusted CA, even its > common name is not matched, we can also consider this client certificate is > valid. What does mod_ssl match the CN of a client certificate against? -- Eric Covener covener@xxxxxxxxx --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|