From: Juergen B. <bra...@df...> - 2006-06-29 07:28:09
|
Hi. Oliver Welter wrote: > I secured my OpenCA installation with "SSLVerifiyClient", this worked > fine when I did the config, but seems to be broken by some updates of > our Server-admins... > > I have a htaccess file in my directory containing > SSLVerifyClient require > SSLVerifyDepth 3 > SSLRequire %{SSL_CLIENT_M_SERIAL} == "AA" The following may be related to your problem: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2700 In mod_ssl < 2.8.24 an "SSLVerifyClient require" was ignored under certain special circumstances. Juergen |