Re: Re-negotiation handshake failed

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


After I installed a certificate on my browser (tested on both IE and Firefox), I was able to access the site with client authentication.  I was expecting my browser to pop up a dialog and ask me for a certificate.  However, it seems like the browser won't do so if I have no certificate installed on my browser.  Anyway, thanks for your help.

Kenneth Yeung


Serge Dubrouski <sergeyfd@xxxxxxxxx>

04/15/2010 09:44 AM

Please respond to
users@xxxxxxxxxxxxxxxx
To
users@xxxxxxxxxxxxxxxx
cc
Subject
Re: Re-negotiation handshake failed





This message is normal. It says that server expected user certificate
but it wasn't presented by browser.

On Tue, Apr 13, 2010 at 5:31 PM,  <KennethYeung@xxxxxxxxxxxxxxxx> wrote:
>
> Greeting!
>
> I'm having a problem on setting up client certificate on my test site on
> Apache 2.2.15/OpenSSL 0.9.8m on Windows XP.  I followed the "How-To"
> articles on mod_ssl (http://httpd.apache.org/docs/2.2/ssl/ssl_howto.html).
>  When I browse the site, I got the following error message in the log:
>
> Re-negotiation handshake failed: Not accepted by client!?
>
> I read through the documentation.  I tried to turn SSLInsecureRenegotiation
> on and off, but no luck.  I attached the configuration of my virtual host,
> hoping that you would point out anything that I've missed.  Oh, when I said
> that the site wasn't working, I was referring to my browser, which displays
> an error page with the code: ssl_error_handshake_failure_alert, instead of
> asking me for a certificate.
>
> Thanks,
>
> Kenneth Yeung
>
>
> <VirtualHost *:10991>
>     ServerAdmin mysite@xxxxxxxxxxxxx
>     DocumentRoot "C:/hosts-static/mysite/ROOT"
>     ServerName mysite.mycompany.com
>     ErrorLog "C:/hosts-static/mysite/log/ROOT-error.log"
>     CustomLog "C:/hosts-static/mysite/log/ROOT-access.log" common
>
>     SSLEngine on
>     SSLCipherSuite HIGH:MEDIUM
>     SSLCertificateFile "C:/Apache2.2/conf/ssl.crt/mysite.crt"
>     SSLCertificateKeyFile "C:/Apache2.2/conf/ssl.crt/mysite.key"
>
>     SSLInsecureRenegotiation on
>
>     <Directory C:/hosts-static/mysite/ROOT>
>             Order deny,allow
>             Allow from all
>
>         SSLVerifyClient require
>         SSLVerifyDepth 1
>         SSLCACertificateFile "C:/Apache2.2/conf/ssl.crt/self_signed_ca.crt"
>
>     </Directory>
>
> </VirtualHost>



--
Serge Dubrouski.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux