Example: SSLVerifyClientDepth 10
Since: Apache 1.3
This directive dictates how deeply mod_ssl should go before
deciding that a client does not have a valid certificate.
It can be used in either per-server or
per-directory context. In per-server context, it applies to the
client authentication process used in the standard SSL handshake
when a connection is established. In per-directory context,
it forces an SSL renegotiation with the reconfigured client
verification depth after the HTTP request is read but before
the HTTP response is sent.
The depth is the maximum number of intermediate
certificate issuers-- that is, the maximum number of CA certificates that can
be followed while verifying the client
certificate. A depth of 0 means that only self-signed client
certificates are accepted. The default depth of 1 means that
the client certificate can be self-signed or signed
by a CA that is directly known to the server (for example, the CA's
certificate under SSLCACertificatePath).