Re: [Openca-Users] sOT: SSLVerifiyClient in Apache not working

[Juergen B. <bra...@df...>]

Hi.

Oliver Welter wrote:
> I secured my OpenCA installation with "SSLVerifiyClient", this worked
> fine when I did the config, but seems to be broken by some updates of
> our Server-admins...
> 
> I have a htaccess file in my directory containing
> SSLVerifyClient require
> SSLVerifyDepth 3
> SSLRequire  %{SSL_CLIENT_M_SERIAL} == "AA"

The following may be related to your problem:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2700

In mod_ssl < 2.8.24 an "SSLVerifyClient require" was ignored under
certain special circumstances.

Juergen