Hello

  I have setup a MTLS forward proxy with ATS. But what happens is -
connection to forward proxy is getting reset - I mean ATS is sending RST
message to the client. 
I have verified the certificate that client is sending with the root CA
certificate that ATS using for verifying the client certificate. That shows
verified.

~ # openssl verify -CAfile /tmp/ca.pem /tmp/tomcat.pem 
/tmp/tomcat.pem: OK

But from Wireshark I can see the following sequence

client to server -> Certificate ,  client key exchange, certificate verify
client to server -> Change Cipher spec, Encrypted handshake message
Server to client -> [RST, ACK]

How do I fix this issue - any clues ?

from my records.conf

CONFIG proxy.config.ssl.client.CA.cert.filename STRING ca.pem
CONFIG proxy.config.ssl.CA.cert.filename STRING ca.pem
CONFIG proxy.config.ssl.server.cert.path STRING <location where certificates
are stored>

CONFIG proxy.config.ssl.client.CA.cert.filename STRING ca.pem
CONFIG proxy.config.ssl.client.CA.cert.path STRING <location where
certificates are stored>

Is there any way I can make ATS log more ssl logs ?

Thanks in advance
~S





--
Sent from: http://apache-traffic-server.24303.n7.nabble.com/

Reply via email to