Am 26.04.2012 15:15, schrieb Tammany, Curtis:
Hello-
I am running Apache 2.2.22 with OpenSSL 1.0.1 on Windows (XP for dev and
server 2003 for production)
The site requires client (CAC) certificates.
I am getting "FAILED:unable to get local issuer certificate" errors in my
log file from Windows 7 clients. Digging suggested that I check the
intermediate certificates that I have on the server with the openssl verify
command which returned "error 18 at 0 depth lookup:self signed certificate"
Running openssl version -d returns "OPENSSLDIR: "c:/openssl-1.0.1/ssl". That
folder does not exist on my servers.
I think I need to get OpenSSL to trust the self signed certificate. What
steps do I take?
Thank you.
This is an Apache question and is only loosely connected to OpenSSL.
I'll take the liberty to forward you to CAcert.org's WiKi which has a
page explaining on how to configure Apache for client certificates at
http://wiki.cacert.org/ApacheServerClientCertificateAuthentication
It may not be exactly what you need but might give you the right ideas.
Otherwise Apache's support groups may be able to help you in more detail.
I hope this helps a bit,
Ted
;)
--
PGP Public Key Information
Download complete Key from http://www.convey.de/ted/tedkey_convey.asc
Key fingerprint = 31B0 E029 BCF9 6605 DAC1 B2E1 0CC8 70F4 7AFB 8D26
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
