Hello,Please help me I have been trying to get this working for 2 weeks now. Here is the error: [debug] ssl_engine_kernel.c(426): Changed client verification type will force renegotiation
[info] Requesting connection re-negotiation ...... ...[debug] ssl_engine_kernel.c(1770): OpenSSL: Write: SSLv3 read client certificate B [debug] ssl_engine_kernel.c(1789): OpenSSL: Exit: error in SSLv3 read client certificate B
[error] Re-negotiation handshake failed: Not accepted by client!? I created a local CA. Worked fine I have a trusted certificate from Thawte on ApacheI created a client certificate using my local CA - worked well. CN = Deval Shah I imported the client certificate and CA certificate in IE. IE shows the certificate properly without any error.
httpd-ssl.conf fileSSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.crt -> Points to certificate from Thawte SSLCertificateKeyFile /usr/local/apache2/conf/ssl.key/server.key SSLCACertificateFile /usr/local/apache2/conf/ssl.crt/devalCA.crt -> local CA that i created
SSLVerifyDepth 10
<Location /testcerts/*>
SSLOptions +ExportCertData +OptRenegotiate +StdEnvVars
SSLVerifyClient require
SSLRequire %{SSL_CLIENT_S_DN_CN} in {"Deval Shah"}
</Location>
Let me know what is wrong?
Thanks
Deval
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|