Michael Voucko wrote:
>
> Hi *,
>
> I searched the archives because of this subject. There were a few posts a little time ago
> but as far as I got through it there was no clear answer to this question. Is there
> someone who solved the problem or can say that there's no way to do it.
>
> It's because I want to test a security proxy with a running Apache-SSL server and I don't
> want to change anything with its configuration if possible so the chance to add just a
> another trusted CA would ease a lot.
>
> Thanks in advance
> Michael
Hi Michael,
adding another trusted CA for the same virtual host is done by
concatenating the extra CA file to the old CA file , given by the
directive SSLCACertificateFile. I thought the directive
SSLCACertificatePath was used to do this, but putting my CAs down
there and hashlinking them did not do anything. Unfortunately Ben
did not mention the purpose of this directive anywhere.
Putting every PEM-encoded CA in the one SSLCACertificateFile
allows every cert signed by that CAs to pass to the virtual host.
Hope I understood your question in the right way,
Eckard
--
Sorry for the fake email address, but my home (address) is my castle