Apache 2.2.14: SSLCARevocation location

Posted by Doc on Server Fault See other posts from Server Fault or by Doc
Published on 2009-10-14T13:17:22Z Indexed on 2011/01/06 16:55 UTC
Read the original article Hit count: 361

Filed under:

apache

|

httpd.conf

|

revoked

I am installing a .crl in my apache config. It looks like this:

VirtualHost default

DocumentRoot "web" ServerName example.com

SSLEngine on

SSLCertificateFile "cert.crt" SSLCertificateKeyFile "key.key" SSLCertificateChainFile "cert.ca-bundle"

SSLProtocol -all +SSLv3 SSLCipherSuite SSLv3:+HIGH:+MEDIUM

Directory

Order deny,allow Allow from all

SSLCACertificateFile "ClientRootCert.crt"

SSLVerifyClient require SSLVerifyDepth 3

SSLCARevocationFile "CRLList.crl"

Directory

VirtualHost

When Apache is started, I get the error:

SSLCARevocationFile not allowed here

When I place SSLCARevocationFile above the Directory tag, Apache starts, but all client certs are rejected with the message:

ssl_error_expired_cert_alert (both revoked and active certs)

How to solve this?

© Server Fault or respective owner

Related posts about apache

Web site not responding

as seen on Super User - Search for 'Super User'
I have website working fine before. But now its not able to connect to the server(I believe that is the problem). But its strange that the message not able to connect to the server is not coming and its keep connecting... for infinite time. Here is the screenshot. Here are some of the useful… >>> More
SVN Error 403 Forbidden

as seen on Stack Overflow - Search for 'Stack Overflow'
I can't figure this out. I try to import a new project into a svn repository from Netbeans and get 403 Forbidden. I just setup svn on my serverbox today. I can get to it through a browser just fine, though its empty as I haven't imported my project yet. Apache's path for html files is /var/www I… >>> More
How can I setup dependencies for Axis2 / Axiom on Maven2

as seen on Stack Overflow - Search for 'Stack Overflow'
I've tried the following settings on pom.xml to use Axis2 wsdl2code: <dependencies> <dependency> <groupId>org.apache.axis2</groupId> <artifactId>axis2</artifactId> <version>1.5.1</version> </dependency> </dependencies> ... <build> … >>> More
Problem compiling hive with ant

as seen on Stack Overflow - Search for 'Stack Overflow'
I compiling with Solaris 10 SPARC, jdk 1.6 from Sun, Ant 1.7.1 from OpenCSW. I have no problem running hadoop 0.17.2.1 However, I have problem compiling/integrating hive with the error 'cannot find symbol', although I followed the tutorial. I have the hive source code from SVN exactly from tutorial… >>> More
War deployment error related to classloading

as seen on Stack Overflow - Search for 'Stack Overflow'
hello when i am deploying my war file and run it it will give error like org.springframework.instrument.classloading.tomcat.TomcatInstrumentableClassLoader Jan 6, 2011 3:16:04 PM org.apache.catalina.startup.HostConfig deployDescriptor INFO: Deploying configuration descriptor servlet.xml Jan… >>> More

Related posts about httpd.conf

Optimizing apache server load

as seen on Server Fault - Search for 'Server Fault'
We have an issue with a dedicated server load. We have 16 processors with 4 core @ 2.40GHz, if I understood correctly cat /proc/cpuinfo output. Unfortunately, I don't have access to free -m or vmstat. But from top I got that we have 24 GB. And snapshot from top about processes: As far as I see… >>> More
apache name virtual host - two domains and SSL

as seen on Server Fault - Search for 'Server Fault'
I'm trying to setup Apache(2.2.3) to run two websites with SSL using both different domains and IP addresses. Both websites run fine on port 80 but when I tried to enable SSL for website2 I get a ssl_error_bad_cert_domain error; website2 picks up the SSL cert for website1. Here is my setup in httpd… >>> More
Apache2 - mod_expire and mod_rewrite not working in httpd.conf - serving content from tomcat

as seen on Server Fault - Search for 'Server Fault'
Hi, I am using apache2 server running on debian which forwards all the http request to tomcat installed on same machine. I have two files under my /etc/apache2/ folder apache2.conf and httpd.conf I modified httpd.conf file to look like following. # forward all http request on port 80 to tomcat ProxyPass… >>> More
httpd.conf configuration - for internal/external access

as seen on Server Fault - Search for 'Server Fault'
hey. after a lot of trail/error/research, i've decided to post here in the hopes that i can get clarification on what i've screwed up... i've got a situation where i have multiple servers behind a router/firewall. i want to be able to access the sites i have from an internal and external url/address… >>> More
My httpd.conf was accidentally deleted, can't start apache. How do I recreate httpd.conf in Godaddy'

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, I don't know if it's appropriate to ask for this but I really need to know what's the initial content of /var/www/vhosts/mydomain.com/conf/httpd.include on Godaaddy's VDS because the conf directory was accidentally deleted by somebody and now I cannot start Apache. We didn't purchase an assited… >>> More