Hi Team, Need help in setting up MTLS between Apache HTTP server and Weblogic server (App Server). I have gone through few links but those are not working. Post following suggested steps I was able to start Apache HTTP server but Application is not working. Getting below messages in the Error while accessing the application. Could anyone please look at it and share some suggestion on how we should setup MTLS b/w Web and App server. Please let me know if any additional info needed. Error message: - "message" : "AH02645: Server name not provided via TLS extension (using default/first virtual host)" , "referer" : }, "message" : "AH02008: SSL library error 1 in handshake (server hostname:port)" , "referer" : } "message" : "SSL Library Error: error:1417C0C7:SSL routines:tls_process_client_certificate:peer did not return a certificate -- No CAs known to server for verification?"
, "referer" : } "message" : "AH01998: Connection closed to child 138 with abortive shutdown (server hostname:port , "referer" : } "message" : "AH01964: Connection to child 24 established (server hostname:port)" , "referer" : } "message" : "AH02645: Server name not provided via TLS extension (using default/first virtual host)" , "referer" : } "message" : "AH02008: SSL library error 1 in handshake (server hostname:port)" , "referer" : } "message" : "SSL Library Error: error:1417C0C7:SSL routines:tls_process_client_certificate:peer did not return a certificate -- No CAs known to server for verification?"
, "referer" : } SSL.conf file has below directives set. SSLEngine on ProxyRequests Off RewriteEngine on SSLProxyEngine on SSLProxyVerify on SSLProxyCheckPeerCN off SSLProxyCheckPeerName off SSLProxyCheckPeerExpire off SSLVerifyCLient require SSLVerifyDepth 10 SSLProxyVerifyDepth 10 SSLOptions +ExportCertData SSLProxyMachineCertificateFile "/apps/certs/Appcert.pem" SSLProxyCACertificateFile "/apps/certs/trustedca.pem" SSLCertificateFile "/path/to/hostname.crt" SSLCertificateKeyFile "/path/to/hostname.key" SSLCertificateChainFile "/path/to/hostname.crt" SSLCACertificateFile "/path/to/trustedca.pem" Thanks. Regards, Devendra |