httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "DEVAL SHAH" <>
Subject [users@httpd] Client Certificate authentication not working
Date Fri, 19 Jan 2007 23:32:57 GMT
Please help me I have been trying to get this working for 2 weeks now. Here 
is the error:
[debug] ssl_engine_kernel.c(426): Changed client verification type will 
force renegotiation
[info] Requesting connection re-negotiation
[debug] ssl_engine_kernel.c(1770): OpenSSL: Write: SSLv3 read client 
certificate B
[debug] ssl_engine_kernel.c(1789): OpenSSL: Exit: error in SSLv3 read client 
certificate B
[error] Re-negotiation handshake failed: Not accepted by client!?

I created a local CA. Worked fine
I have a trusted certificate from Thawte on Apache
I created a client certificate using my local CA - worked well. CN = Deval 
I imported the client certificate and CA certificate in IE. IE shows the 
certificate properly without any error.

httpd-ssl.conf file
SSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.crt  -> Points to 
certificate from Thawte SSLCertificateKeyFile 
SSLCACertificateFile /usr/local/apache2/conf/ssl.crt/devalCA.crt  -> local 
CA that i created
SSLVerifyDepth  10
<Location /testcerts/*>
  SSLOptions +ExportCertData +OptRenegotiate +StdEnvVars
  SSLVerifyClient require
  SSLRequire     %{SSL_CLIENT_S_DN_CN} in {"Deval Shah"}

Let me know what is wrong?


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message