we used openssl-engine-0.9.6g because, thats the latest stable version and
we needed the engine version to support pci accelerator card.
our main issue is with the module - mod_authz_ldap
(http://authzldap.othello.ch/) which is needed
to check the client certificates with ldap directory entries.
to install this mod_authz_ldap, it is necessary to apply a patch
at present, the first obstacle is i am unable to apply this patch to the
i would like to know, how to apply this patch or i would like to get the
which i can use directly.
> > Dear group,
> > Has anybody tried doing ldap client certificate authentication for an
> > 2.0.39 ssl server ?
> > Our environment is :
> > RedHat linux 7.1 kernel 2.4.x
> > apache 2.0.39 (inc. mod_ssl)
> > openssl-engine-0.9.6g
> > openldap (on a different redhat linux server)
> > The apache website has a verisign server certificate, a self-signed CA
> > certificate and all clients have
> > certificates in the ldap server signed by this CA.
> > When clients present their certificate to browse the Apache secure site,
> > Apache should check the
> > existence of their certificate in the LDAP server and also the validity
> > the contents of the certificate presented.
> > Kindly provide some direction to any solution or resources related to
> > issue.
> > Any help would be highly appreciated.
> > TIA
> > Sarath
> 1. use the normal openssl version, NOT the engine version, also RH7.1 is
> 0.9.6-engine default
> 2. use 2.0.42
> 3. stop using kernel 2.4.3