I needed Certificate Authentication on a Bastion host. I was pointed to the article from Zeitoun.net (below) by a friend, but it did not work with Apache 2.2. Apache took my SSL_* variables and passed them along as HTTP_SSL_* variables. This is ok, but not good enough if I don’t want to change source code. […]
[Apache httpd-2-] not documented: must restart server to load new CRL http://www.mail-archive.com/modssl-users@modssl.org/msg04729.html I have observed this behavior. CRLs expire and the server has to be restarted. Not 100% sure what is going on, because this should only be an issue with SSLCARevocationFile and I am using SSLCARevocationPath