apache and mod_ssl or rather apache-ssl? mod_ssl! unfortunately.

ok, ssl server authentication with certificate works. now let's do client authentication with ssl...

another code snippet:

openssl pkcs12 -export -in server.crt -inkey server.key -out client.crt -name "client certificate"

whohoo! at least one major browser does what it should do and connects to my ssl test webserver using a client certificate. the most undocumented part of this ssl rocket science obviously is the creation of client certificates without using cgi. but i think this example summarises all necessary steps (why is it that i always find such documents afterwards?).