On Mon, Apr 26, 1999, Phil Tracy wrote:
> I'm running apache 1.3.6, mod_ssl 2.2.8 and openssl 0.9.2b. I have at least
> one user with a Netscape 3.04 browser who cannot connect to this server via SSL
> ("The security library has experienced a database error. You will probably be
> unable to connect to the site securely.") It works fine for me with Netscape
> 4.5 and 4.51. The user can get to the site fine with Internet Explorer 4.0,
> but Netscape 3.04 fails consistently.
>
> Here's what the Apache error log has to say about it:
>
> >[Wed Apr 21 01:49:06 1999] [error] mod_ssl: SSL handshake failed (client
> >129.105.110.101, server www-gate.it-services.nwu.edu:443) (OpenSSL
> >library error follows)
> >[Wed Apr 21 01:49:06 1999] [error] OpenSSL: error:14094412:SSL
> >routines:SSL3_READ_BYTES:sslv3 alert bad certificate [Hint: Subject
> >CN in certificate not server name!?]
>
> At first I thought the problem might that the user was connecting to a
> different domain name, but my web browser can connect to the host just fine
> with the DNS alias (gatewww.it.nwu.edu). Anyone have any clues? The
> certificate name is *definitely* correct, and nobody has changed the host name
> AFIK -- anyhow, it works fine for most of our several thousand users. Thanks!
It's not the server's certificate which makes the problem here, I think. It's
the client certificate which is bad as it looks. Because the "The security
library has experienced a database error" is a local browser issue.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]