Move SSLCACertificate* into the correct (allowed) context in the examples.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1353832 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/docs/manual/ssl/ssl_howto.xml b/docs/manual/ssl/ssl_howto.xml
index 87c9a0235a591e8891e370ee2b0c96b5a13b8e6e..e796263cd30cb533d285208d250f51dd3fa1e751 100644 (file)
--- a/docs/manual/ssl/ssl_howto.xml
+++ b/docs/manual/ssl/ssl_howto.xml
@@ -192,13 +192,13 @@ Intranet website, for clients coming from the Internet?</a></li>
     clients allowed, as follows:</p>
     
     <example><title>httpd.conf</title><pre>
+SSLCACertificateFile conf/ssl.crt/ca.crt
+SSLCACertificatePath conf/ssl.crt
 SSLVerifyClient      none
-&lt;Directory /usr/local/apache2/htdocs/secure/area&gt;
 
+&lt;Directory /usr/local/apache2/htdocs/secure/area&gt;
 SSLVerifyClient      require
 SSLVerifyDepth       5
-SSLCACertificateFile conf/ssl.crt/ca.crt
-SSLCACertificatePath conf/ssl.crt
 SSLOptions           +FakeBasicAuth
 SSLRequireSSL
 AuthName             "Snake Oil Authentication"
@@ -226,12 +226,12 @@ Require              valid-user
 
     <example><title>httpd.conf</title><pre>
 SSLVerifyClient      none
-&lt;Directory /usr/local/apache2/htdocs/secure/area&gt;
+SSLCACertificateFile conf/ssl.crt/ca.crt
+SSLCACertificatePath conf/ssl.crt
 
+&lt;Directory /usr/local/apache2/htdocs/secure/area&gt;
   SSLVerifyClient      require
   SSLVerifyDepth       5
-  SSLCACertificateFile conf/ssl.crt/ca.crt
-  SSLCACertificatePath conf/ssl.crt
   SSLOptions           +FakeBasicAuth
   SSLRequireSSL
   SSLRequire       %{SSL_CLIENT_S_DN_O}  eq "Snake Oil, Ltd." \