Perfectly working VM running Amazon Linux with Apache and mod_ssl configured
for client certificates.
Ran yum update to get the latest openssl (OpenSSL 1.0.1h-fips 5 Jun
2014)/mod_ssl(2.2.27 )/httpd(2.2.27) security updates from Amazon's yum
repository.
Now the client certificate checks are failing and I am getting:
"Certificate Verification: Error (7): certificate signature failure" in the
Apache log.
I have several other VMs running just fine with the client certificates and the
only difference is upgrading the yum packages.
Relevant part of httpd.conf that is working flawlessly on the other VMs is:
Alias /gateway/ /var/www/gateway/
<Location /gateway/>
SSLVerifyClient require
SSLVerifyDepth 1
SSLCACertificateFile /etc/ssl/certs/clientca_master
SetHandler perl-script
PerlResponseHandler ModPerl::Registry
PerlOptions +ParseHeaders
Options +ExecCGI
Order allow,deny
Allow from all
</Location>
Any thoughts on what to look for here?
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]
