Hi,
I'm running apache/1.3.12 mod_ssl/2.6.6 and OpenSSL/0.9.4 on
a server. I've receieved a Thawte SuperCert digital certificate
for the server and am trying to access pages with a Thawte
freemail personal cert. I keep receiving 'The server cannot
verify your certificate' when accessing pages. The server
and client are off the internet on a private network. SSL
access works fine until I use SSLVerifyClient. Using
option require OR optional generates the above message.
In Netscape I can verify the Thawte browser certificate. When
I comment out SSLVerifyClient and print the environment vars
I see things like
SSL_CLIENT_KEY_ALGORITHM="Not supported by mod_ssl"
SSL_CLIENT_KEY_EXP="Not supported by mod_ssl"
SSL_CLIENT_KEY_SIZE="Not supported by mod_ssl"
With SSLVerifyClient set the server logs these messages..
Wed Oct 11 18:04:36 2000] [error] mod_ssl: Certificate Verification: Error
(20): unable to get local issuer certificate
[Wed Oct 11 18:04:36 2000] [error] mod_ssl: Re-negotiation handshake failed:
Not accepted by client!?
[Wed Oct 11 18:04:36 2000] [error] mod_ssl: SSL error on writing data
(OpenSSL library error follows)
[Wed Oct 11 18:04:36 2000] [error] OpenSSL: error:1409E0E5::lib(20)
:SSL3_WRITE_BYTES:ssl handshake failure
Any idea what is wrong with my browser certificate? TIA, tw
_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
Share information about yourself, create your own public profile at
http://profiles.msn.com.
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
