Postings by Du Hao

Log revoked certificate information


I'm looking for a way to track users who is using client certificate to log
in to Apache HTTPD. Especially, I wanted to know who is trying to use
revoked certificates to attempt login. Is there any possible way to log
some of the certificate information, such as the certificate's serial
number into the log so that whenever a revoked certificate is used, some
information about the specific certificate is logged instead of just
showing "certificate revoked" in error_log?



Unexpected result of requesting client certificate when requesting locations with different SSLVerifyClient settings


I ran into a problem when configuring different locations for Apache HTTP
Server while utilizing client certificate.