subject:"Trouble with netscape sending certificate"

Trouble with netscape sending certificate

1999-02-17 Thread Owen Williams


Hi,
  I'm not sure if this is a configuration problem.  It must be because
people are using mod_ssl.

First my platform:

  AIX 4.2.1 using xlC.C 3.1.4.7 with -O2 -qarch=pwr2

Software:

  openssl-0.9.1c
  mod_ssl-2.2.2-1.3.4
  apache_1.3.4
  (mod_perl 1.18)

Everything is compiled and to some extent working.  That is with requiring
client certificates I can use a virtual host with ssl.  When I require
client certificates I get this error:

  httpd: [Wed Feb 17 16:38:25 1999] [error] error:140890B0:SSL
   routines:SSL3_GET_CLIENT_CERTIFICATE:no certificates returned

If the client doesn't have a certificate you get this message:

  httpd: [Wed Feb 17 16:38:09 1999] [error] error:140890C6:SSL
   routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate

This is with a certifiacate installed on Netscape created using the FAQ:

  http://www.drh-consultancy.demon.co.uk/pkcs12faq.html#PR1

The same thing happens for Netscape4.5 on both Linux and Win95.

Any ideas?

Owen.

PS If this is a list I'm not on it.

o--o
| Owen Williams|   Systems Administrator   |   
| [EMAIL PROTECTED]   | Software Engineer |
| Work: (0116) 2506349 |   |
| Home: (0116) 2259109 |   We do web consultancy   |
|--|
| World Wide Web Home Page : http://www.cms.dmu.ac.uk/~williams|
| Short CV : http://www.cms.dmu.ac.uk/~williams/CV |
o--o
__
Apache Interface to SSLeay (mod_ssl)   www.engelschall.com/sw/mod_ssl/
Official Support Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Trouble with netscape sending certificate

1999-02-17 Thread Ralf S. Engelschall


On Wed, Feb 17, 1999, Owen Williams wrote:

[...]
   httpd: [Wed Feb 17 16:38:25 1999] [error] error:140890B0:SSL
routines:SSL3_GET_CLIENT_CERTIFICATE:no certificates returned
 
 If the client doesn't have a certificate you get this message:
 
   httpd: [Wed Feb 17 16:38:09 1999] [error] error:140890C6:SSL
routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
 
 This is with a certifiacate installed on Netscape created using the FAQ:
 
   http://www.drh-consultancy.demon.co.uk/pkcs12faq.html#PR1
 
 The same thing happens for Netscape4.5 on both Linux and Win95.

I guess it's the situation where you haven't configured the CA cert with
SSLCACertificate{File,Path}, this way the list of acceptable CAs the server
sends to your NS45 is empty, and this way NS45 cannot provide a cert to
the server.

 Any ideas?

Configure the CA certs with SSLCACertificateFile.

 PS If this is a list I'm not on it.

Yes, as the webpages and SUPPORT texts indicate, this
is a list. I'll send a carbon copy to you, too.

   Ralf S. Engelschall
   [EMAIL PROTECTED]
   www.engelschall.com
__
Apache Interface to SSLeay (mod_ssl)   www.engelschall.com/sw/mod_ssl/
Official Support Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Trouble with netscape sending certificate

Re: Trouble with netscape sending certificate

2 matches

Site Navigation

Mail list logo

Footer information