This is my understanding, which has worked for me over the years doing SSL with Apache and Xojo to PostGreSQL DB over SSL:
SSLAuthority = The Certificate Authority’s public certificate in .pem format. I’m using the “AddTrustExternalCARoot.pem” file that I downloaded from their public website.
SSLAuthorityDirectory = A directory that stores all of the certs that the primary certs may depend on to complete the trust chain. Ie, I had a CA root cert a while back that required that another cert existed. In the directory I ran the ‘c_rehash .’ command on OS X so that a link would be created for the other certs. You need to run this command because otherwise the SSL process doesn’t know which of the files in the directory is the file to use because you can name the file anything. c_rehash creates a link to the file so that the trust chain knows what to look for in the same directory.
SSLCertificate = This is SSLCertificate for the client’s public cert. You’d use this if you needed to ensure that you trust the client doing the request. In my case I don’t use this.
SSLCipher = I don’t have any experience with this in my app, but I suspect it’s negotiated at connection time. I’m not setting this in my Xojo to PostGreSQL DB SSL connection.
SSLKey = I believe that this is the hosts/client’s private key file?