2008/9/24 Gilles Bachmann <g.bachmann@xxxxxxxxx>:
> Bonjour,
>
> je désire faire de l'authentification par certificat. Ma configuration est
> la suivante :
>
> reverse_proxy : apache 2.0.52
> <Location /uploadcrt/>
> SSLVerifyClient require
> SSLOptions +ExportCertData +FakeBasicAuth +StrictRequire
> +StdEnvVars
> RequestHeader set certificat "%{SSL_CLIENT_CERT}e"
> </Location>
>
> serveur web applicatif : apache 1.3.41
>
> le serveur reçois bien le certificat mais se plante avec l'erreur :
>
> Bad Request
>
> Your browser sent a request that this server could not understand.
>
> Request header field is missing colon separator.
>
> MIIC4DCCAkmgAwIBAgIBVzANBgkqhkiG9w0BAQQFADCBmjELMAkGA1UEBhMCRlIx
I believe %{SSL_CLIENT_CERT}e has hard line breaks in it. Your
frontend tries to write it out to the backend, but the 2nd line of the
cert looks like a new header to the backend (headers are separated by
newlines).
--
Eric Covener
covener@xxxxxxxxx
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|