The parameters can be added as-is to the end of the first certificate file.
Look in the Compatibility chapter for details on the compatibility variables. If the DN in question contains multiple attributes of the same name, this suffix is used as a zero-based index to select a particular attribute.This error can occur when the specified resource needs "https" access, but the certificate validity period has expired, the certificate is not valid for the use requested, or the certificate has been revoked or revocation can not be checked.This module provides SSL v3 and TLS v1.x support for the Apache HTTP Server. This module relies on Open SSL to provide the cryptography engine.So usually you can't just place the Certificate files there: you also have to create symbolic links named directives; in other words, the names of the CAs which will actually be used to verify the client certificate.In some circumstances, it is useful to be able to send a set of acceptable CA names which differs from the actual CAs used to verify the client certificate - for example, if the client certificates are signed by intermediate CAs. The files in this directory have to be PEM-encoded and are accessed through hash filenames.This information is not provided by default for performance reasons.