Perhaps someone in the modssl community could suggest a direction on this problem: I am running an Apache instance on a Solaris 2.7 machine with the following software Apache/1.3.9 (Unix) mod_ssl/2.4.8 OpenSSL/0.9.4. SSLv3 is required to access one portion of the site. Friday, after a change to the httpd.conf file unrelated to SSLv3, SSLv3 authentication fails with the following errors in the error_log file [Sat Oct 21 22:27:21 2000] [notice] SIGUSR1 received. Doing graceful restart [Sat Oct 21 22:27:22 2000] [notice] Apache/1.3.9 (Unix) mod_ssl/2.4.8 OpenSSL/0. 9.4 configured -- resuming normal operations [Sat Oct 21 22:28:35 2000] [error] mod_ssl: Certificate Verification: Certificat e Chain too long (chain has 2 certificates, but maximum allowed are only 1) [Sat Oct 21 22:28:35 2000] [error] mod_ssl: Re-negotiation handshake failed: Not accepted by client!? [Sat Oct 21 22:28:35 2000] [error] mod_ssl: SSL error on writing data (OpenSSL l ibrary error follows) [Sat Oct 21 22:28:35 2000] [error] OpenSSL: error:1409E0E5:SSL routines:SSL3_WRI TE_BYTES:ssl handshake failure The ssl_engine_log file shows the following errors: [21/Oct/2000 22:27:36 20018] [info] Connection to child 4 established (server w ebserv.shawneecourt.org:443, client 1.1.1.6) [21/Oct/2000 22:27:37 20018] [info] Connection: Client IP: 1.1.1.6, Protocol: S SLv3, Cipher: RC4-MD5 (128/128 bits) [21/Oct/2000 22:27:38 20018] [info] Initial (No.1) HTTPS request received for c hild 4 (server aaa.bbb.org:443) [21/Oct/2000 22:27:38 20018] [info] Requesting connection re-negotiation [21/Oct/2000 22:27:38 20018] [info] Awaiting re-negotiation handshake [21/Oct/2000 22:28:35 20018] [error] Certificate Verification: Certificate Chain too long (chain has 2 certificates, but maximum allowed are only 1) [21/Oct/2000 22:28:35 20018] [error] Re-negotiation handshake failed: Not accept ed by client!? [21/Oct/2000 22:28:35 20018] [error] SSL error on writing data (OpenSSL library error follows) [21/Oct/2000 22:28:35 20018] [error] OpenSSL: error:1409E0E5:SSL routines:SSL3_W RITE_BYTES:ssl handshake failure [21/Oct/2000 22:28:35 20018] [info] Connection to child 4 closed with standard shutdown (server aaa.bbb.org:443, client 1.1.1.6) No changes have been made to any certificate used on the server, the test client(s), or the CA list. Any help/guidance would be helpful. Thanks! Robert Womack [EMAIL PROTECTED] ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
