Jamie Johnson wrote: > I am trying to track down what the meaning of this error is. After a > bit of googling I understand that the certificate the client is using to > talk to the server has an issue, but I can't figure out if it's an issue > with the chain or if it's an issue with the certificate itself. The > client certificate has the ExtendedKeyUsages serverAuth and KeyUsage > DigitalSignature and Key_Encipherment, the chain has an intermediate > with KeyUsage DigitalSignature, Key_CertSign, Crl_Sign and a root CA > with KeyUsage DigitalSignature, Key_CertSign, Crl_Sign. I can't find > any more online as to what might be causing this and am a bit stumped at > this point, is there any direction that can be provided to help track > this down?
I need more context. I assume the server is working ok, but when you attempt to authenticate using a client cert it fails with the -8101 error? This is likely an issue with the client cert itself. Can you provide the output of openssl x509 -text -in (cut out the issuer/subject/keys if you'd like). rob _______________________________________________ Mod_nss-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/mod_nss-list
