httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Selim Seynur <Selim.Sey...@ENTRUST.COM>
Subject RE: [users@httpd] Requesting Client Certificate with Post Data
Date Wed, 12 Mar 2003 17:15:14 GMT
I guess I have found a solution for my own problem.  Meanwhile, I can share
the knowledge as well :)
It seems like a bug.
- Selim

-----Original Message-----
From: Selim Seynur []
Sent: Tuesday, March 11, 2003 7:53 PM
To: ''
Subject: [users@httpd] Requesting Client Certificate with Post Data

I am using Apache 2.0.44 on Linux with mod_ssl.  I have the correct CA and
the server certificates setup properly.
I am trying to request and verify client certificate for a certain URL.  In
my setup, that URL (the cgi) has to be requested via POST.
I get the following error in error_log file:
[Tue Mar 11 19:51:25 2003] [error] SSL Re-negotiation in conjunction with
POST method not supported!
hint: try SSLOptions +OptRenegotiate

When I request the URL via GET, I get the Client Authentication window pop
up and things work (from Apache's view point)
My configuration entry looks as following under default SSL Virtual Host:
<Directory "/opt/web/cgi-bin">
    SSLOptions +StdEnvVars +OptRenegotiate
<Location /cgi-bin/>
SSLVerifyClient require
SSLRequire (    %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
            and %{SSL_CLIENT_S_DN_O} eq "MyOrg" \
            and %{SSL_CLIENT_S_DN_C} eq "US" \
            and %{SSL_CLIENT_M_SERIAL} eq "3DA12345" )

Even though I put the +OptRenegotiate as the error_log file suggested, I
still get the same error.
The error on the browser is:

Method Not Allowed

The requested method POST is not allowed for the URL


Does anybody have any idea on this?  I really appreciate any input.
- Selim

View raw message