apacheopensslmod-ssl

Per-directory CA in httpd 2.4 (mod_ssl)


was support for per-directory CA files removed in httpd 2.4?

<Location /directory>
Require valid-user

SSLVerifyClient require
SSLVerifyDepth 5
SSLCACertificateFile /path/to/ca.crt
</Location>

This snippet works under httpd 2.2.29, but isn't valid for httpd 2.4.10 because of "Your SSL library does not have support for per-directory CA". I sadly couldn't find any evidence there was any change (no mention in release notes, documentation for mod_ssl is the same), so maybe it's bug?

Compiled on RHEL, "./configure --with-included-apr --enable-so --with-crypto --enable-ssl", openssl 1.0.1e (16.el6_5.15)


Solution

  • It appears to be expected behaviour according to RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1179716