TLSCACertificateFile

Name

TLSCACertificateFile -- Define a CA certificate used to verify your client certificates

Synopsis

TLSCACertificateFile [ CA certificate filename]

Default

None

Context

server config, <Global>, <VirtualHost>

Module

mod_tls

Compatibility

1.2.7rc1 and later

Description

The TLSCACertificateFile directive configures one file where you can assemble the certificates of Certification Authorities (CA) for your clients. The CA certificates in the file are then used to verify client certificates, if presented. Such a file is merely the concatenation of the various PEM-encoded CA certificates, in order of preference. This directive can be used in addition to, or as an alternative for, TLSCACertificatePath.

If neither TLSCACertificateFile nor TLSCACertificatePath are specified, the following message will appear in the TLSLog:

using default OpenSSL verification locations (see $SSL_CERT_DIR)

This means that the SSL_CERT_DIR environment variable, if set, will be used to determine the location of a CA certificate directory, to be used when verifying clients.

See also

TLSCACertificatePath

Examples

TLSCACertificateFile /etc/ftpd/ca-bundle.pem