mod_ssl errors

Sat, 29 Jan 2000 08:58:14 -0800 


Sorry I couldn't be more specific with my subject. :)

Anyhow, I've never worked with ssl certs before, and the
only knowledge I have is from reading documenation and
reference manuals.  I got a cert from Verisign, installed
Apache+mod_ssl, and configured it to use the cert I got back
from Verisign using what I learned from the documentation.
Getting errors, though.  If I try to connect to the ssl
server, I get the following in the ssl log:

[28/Jan/2000 15:53:37 12885] [info]  Init: Configuring
server www.myhost.com:443 for SSL protocol
[28/Jan/2000 15:54:03 12886] [info]  Connection to child 0
established (server www.myhost.com:443, client 209.133.93.172)
[28/Jan/2000 15:54:06 12886] [error] SSL handshake failed
(server www.myhost.com:443, client 209.133.93.172) (OpenSSL library error follows)
[28/Jan/2000 15:54:06 12886] [error] OpenSSL: error:140890C7:SSL 
routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate [Hint: No CAs 
known to server for verification?]

Here are the relevent entries I put into httpd.conf:

SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLLog      /usr/local/apache/logs/ssl_engine_log
SSLLogLevel info

## there is only one ssl host on the machine, so this
## shouldn't be a problem
<VirtualHost 209.133.46.64:443>
ServerName www.myhost.com
Port 443
ErrorLog     /var/log/www/www.myhost.com/error.log
TransferLog  /var/log/www/www.myhost.com/access.log
LogFormat    "%{Referer}i -> %U" referer
LogFormat    "%{User-agent}i" agent
CustomLog    /var/log/www/www.myhost.com/referer.log referer
CustomLog    /var/log/www/www.myhost.com/agent.log agent
ScriptAlias  /cgi-bin/ /usr/local/www/www.myhost.com/cgi-bin/
Options      +Includes ExecCGI
SSLEngine on
SSLCertificateFile /usr/local/apache/conf/ssl.crt/www.myhost.com.crt
SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/www.myhost.com.key
SSLCACertificateFile /usr/local/apache/conf/ssl.crt/ca-bundle.crt
### ^^^ the CA installed by mod_ssl/OpenSSL
SSLLog          /var/log/www/www.myhost.com/ssl.log
SSLOptions +StdEnvVars
SSLVerifyClient 2
SSLVerifyDepth 10
SSLLogLevel info
</VirtualHost>

What is the problem here?  Thank you for any help.


______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to