> Ok, I haven't figured out which of the following did it, but > applying the following suggested changes to my config.tcl > fixed the problem: > > ns_param ServerProtocols "SSLv2"
That was it. You told the server not to support client-side certs at all -- that's an SSL v3 thing (and TLS v1). You've also disabled other SSL v3 functionality, and I think that v2 has security exposures that allow the information being exchanged to be captured, which was one of the major motivations for moving from v2 to v3. -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to <[EMAIL PROTECTED]> with the body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject: field of your email blank.
