1 files changed, 10 insertions, 5 deletions

diff --git a/ssl_engine_init.c b/ssl_engine_init.c
index 2a9c7a4ef8..bcc0d388f5 100644
--- a/ssl_engine_init.c
+++ b/ssl_engine_init.c
@@ -544,12 +544,17 @@ static void ssl_init_ctx_verify(server_rec *s,
             ssl_die();
         }
 
-        ca_list = ssl_init_FindCAList(s, ptemp,
-                                      mctx->auth.ca_cert_file,
-                                      mctx->auth.ca_cert_path);
+        if (mctx->pks && (mctx->pks->ca_name_file || mctx->pks->ca_name_path)) {
+            ca_list = ssl_init_FindCAList(s, ptemp,
+                                          mctx->pks->ca_name_file,
+                                          mctx->pks->ca_name_path);
+        } else
+            ca_list = ssl_init_FindCAList(s, ptemp,
+                                          mctx->auth.ca_cert_file,
+                                          mctx->auth.ca_cert_path);
         if (!ca_list) {
             ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
-                    "Unable to determine list of available "
+                    "Unable to determine list of acceptable "
                     "CA certificates for client authentication");
             ssl_die();
         }
@@ -1151,7 +1156,7 @@ STACK_OF(X509_NAME) *ssl_init_FindCAList(server_rec *s,
 
         if ((rv = apr_dir_open(&dir, ca_path, ptemp)) != APR_SUCCESS) {
             ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
-                    "Failed to open SSLCACertificatePath `%s'",
+                    "Failed to open Certificate Path `%s'",
                     ca_path);
             ssl_die();
         }