https://issues.apache.org/bugzilla/show_bug.cgi?id=47492
--- Comment #1 from Andre Cruz <[email protected]> 2009-08-07 08:39:26 PDT --- Does this patch work? I setup a path like this: <Location /LoginWithCert.do> SSLVerifyClient require_no_ca SSLOptions +OptRenegotiate </Location> The browser asked me for a certificate when the SSL was renegotiated (the outer context has SSLVerifyClient none) and the following appeared in the log: [Fri Aug 07 16:26:04 2009] [error] Re-negotiation handshake failed: Client verification failed A "Forbidden" was returned to the browser (Firefox 3.5.2). fyi, the patch does not apply cleanly to 2.1.12 and the certificate I sent is self-signed. Also, when I don't send a client certificate an error page appears in Firefox, this can be a firefox problem... This appears in the server log: [Fri Aug 07 16:38:14 2009] [debug] ssl_engine_kernel.c(1772): OpenSSL: Write: SSLv3 read client certificate B [Fri Aug 07 16:38:14 2009] [debug] ssl_engine_kernel.c(1791): OpenSSL: Exit: error in SSLv3 read client certificate B [Fri Aug 07 16:38:14 2009] [error] Re-negotiation handshake failed: Not accepted by client!? -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
