TLSCACertificatePath [ Path to your CA certificates]
Default
None
Context
server config, <Global>, <VirtualHost>
Module
mod_tls
Compatibility
1.2.7rc1 and later
The TLSCACertificatePath directive sets the directory for the certificates of Certification Authorities (CAs) for your clients. These are used to verify the client certificates presented. This directive may be used in addition to, or as alternative for, TLSCACertificateFile.
The files in the configured directory have to be PEM-encoded, and are accessed through hash filenames. This means one cannot simply place the CA certificates there: one also has to create symbolic links named hash-value.N. The c_rehash utility that comes with OpenSSL can be used to create the necessary symlinks.
If neither TLSCACertificateFile nor TLSCACertificatePath are specified, the following message will appear in the TLSLog:
using default OpenSSL verification locations (see $SSL_CERT_DIR)
[1]
This means that the SSL_CERT_DIR environment variable, if set, will be used to determine the location of a CA certificate directory, to be used when verifying clients.
| [1] |