Re: Re-negotiation handshake failed

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The window would pop-up if you had several certs installed in your browser that could satisfy server's request. Since you have just one cert installed browser sends it by default.

On Thu, Apr 15, 2010 at 12:27 PM, <KennethYeung@xxxxxxxxxxxxxxxx> wrote:

After I installed a certificate on my browser (tested on both IE and Firefox), I was able to access the site with client authentication.  I was expecting my browser to pop up a dialog and ask me for a certificate.  However, it seems like the browser won't do so if I have no certificate installed on my browser.  Anyway, thanks for your help.

Kenneth Yeung



Serge Dubrouski <sergeyfd@xxxxxxxxx>

04/15/2010 09:44 AM

Please respond to
users@xxxxxxxxxxxxxxxx

To
users@xxxxxxxxxxxxxxxx
cc
Subject
Re: Re-negotiation handshake failed





This message is normal. It says that server expected user certificate
but it wasn't presented by browser.

On Tue, Apr 13, 2010 at 5:31 PM,  <KennethYeung@xxxxxxxxxxxxxxxx> wrote:
>
> Greeting!
>
> I'm having a problem on setting up client certificate on my test site on
> Apache 2.2.15/OpenSSL 0.9.8m on Windows XP.  I followed the "How-To"
> articles on mod_ssl (http://httpd.apache.org/docs/2.2/ssl/ssl_howto.html).
>  When I browse the site, I got the following error message in the log:
>
> Re-negotiation handshake failed: Not accepted by client!?
>
> I read through the documentation.  I tried to turn SSLInsecureRenegotiation
> on and off, but no luck.  I attached the configuration of my virtual host,
> hoping that you would point out anything that I've missed.  Oh, when I said
> that the site wasn't working, I was referring to my browser, which displays
> an error page with the code: ssl_error_handshake_failure_alert, instead of
> asking me for a certificate.
>
> Thanks,
>
> Kenneth Yeung
>
>
> <VirtualHost *:10991>
>     ServerAdmin mysite@xxxxxxxxxxxxx
>     DocumentRoot "C:/hosts-static/mysite/ROOT"
>     ServerName mysite.mycompany.com
>     ErrorLog "C:/hosts-static/mysite/log/ROOT-error.log"
>     CustomLog "C:/hosts-static/mysite/log/ROOT-access.log" common
>
>     SSLEngine on
>     SSLCipherSuite HIGH:MEDIUM
>     SSLCertificateFile "C:/Apache2.2/conf/ssl.crt/mysite.crt"
>     SSLCertificateKeyFile "C:/Apache2.2/conf/ssl.crt/mysite.key"
>
>     SSLInsecureRenegotiation on
>
>     <Directory C:/hosts-static/mysite/ROOT>
>             Order deny,allow
>             Allow from all
>
>         SSLVerifyClient require
>         SSLVerifyDepth 1
>         SSLCACertificateFile "C:/Apache2.2/conf/ssl.crt/self_signed_ca.crt"
>
>     </Directory>
>
> </VirtualHost>



--
Serge Dubrouski.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx





--
Serge Dubrouski.

[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux