Hitachi

Hitachi Application Server V10 Definition Reference Guide (For UNIX® Systems)


2.3.169 SSLVerifyDepth

SSLVerifyDepth specifies the level to which certificate chains are to be traced.

Description

This directive sets the level up to which the CA certificate chain used for client authentication is checked. Use it to limit the number of chained CAs to be trusted. For number_of_levels, specify 2 or a greater value, because self-signed certificates are not authenticated. The following is an example:

Example:
Condition 1

CA1 is signed by the root CA.

Condition 2

Certificate 1 is signed by the root CA.

Condition 3

Certificate 2 is signed by CA1.

Value to be specified in the SSLVerifyDepth directive

In the above example, to perform the authentication check for both certificates 1 and 2, specify 3 or a greater value in the SSLVerifyDepth directive. To perform the authentication check for certificate 1 but not for certificate 2, specify 2 in the SSLVerifyDepth directive.
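
The counting in the example above, written out as an added Python illustration (not Hitachi code, and it models only the depth limit, not signature validation). It assumes one level is counted for every certificate from the client certificate up to and including the self-signed root CA, which is inferred from the values 2 and 3 given above; the function names and the ISSUER_OF map are hypothetical.

```python
# Added illustration, not Hitachi code. Assumption inferred from the page's
# example: levels = certificates from the client certificate up to and
# including the self-signed root CA.

MAX_LEVELS = 10  # upper bound of the specifiable range on this page

# Constructed from Conditions 1 to 3: subject -> issuer (root CA signs itself).
ISSUER_OF = {
    "root CA": "root CA",
    "CA1": "root CA",
    "Certificate 1": "root CA",
    "Certificate 2": "CA1",
}


def chain_levels(subject, issuer_of):
    """Count certificates from subject up to and including the root CA."""
    levels, seen = 1, {subject}
    while True:
        issuer = issuer_of.get(subject)
        if issuer is None:
            raise ValueError(f"chain incomplete: no issuer for {subject!r}")
        if issuer == subject:  # self-signed, so this is the root CA
            return levels
        if issuer in seen:
            raise ValueError(f"issuer loop at {issuer!r}")
        seen.add(issuer)
        subject, levels = issuer, levels + 1


def passes_depth(subject, issuer_of, number_of_levels):
    """True if the chain for subject fits within number_of_levels."""
    return chain_levels(subject, issuer_of) <= number_of_levels


def minimum_depth(client_certs, issuer_of):
    """Smallest number_of_levels that accepts every listed client cert."""
    needed = max(chain_levels(c, issuer_of) for c in client_certs)
    if needed > MAX_LEVELS:
        raise ValueError(f"{needed} levels exceeds the maximum {MAX_LEVELS}")
    return needed


if __name__ == "__main__":
    for cert in ("Certificate 1", "Certificate 2"):
        for depth in (2, 3):
            print(cert, "depth", depth, "->", passes_depth(cert, ISSUER_OF, depth))
```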

Syntax

SSLVerifyDepth number_of_levels

Specifiable values

0 to 10

Default value

If the definition item is omitted

0

Locations where it can be written

httpsd.conf and <VirtualHost>

Example

SSLVerifyDepth 10