https://issues.apache.org/bugzilla/show_bug.cgi?id=56061
Bug ID: 56061
Summary: IE11 with client side certificate fails to
authenticate
Product: Apache httpd-2
Version: 2.2.26
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: mod_ssl
Assignee: [email protected]
Reporter: [email protected]
Internet Explorer 11 with a client side certificate does not authenticate with
Apache 2.2.26.
IE 11 does allow the user to select their certificate but somewhere in the
handshake Apache 2.2.26 doesn't receive it.
IE 10 and older, Firefox and Chrome all play nice, it's only IE 11. When
TLSv1.2 is disabled in IE 11 Apache authenticates the client side certificate.
When Apache is downgraded to 2.2.19 and TLSv1.2 is enabled in IE 11 Apache
authenticates the client side certificate.
I enabled debug logging for SSL connections and we expect to see the following
when the certificate is selected by the user from Internet Explorer:
[Thu Jan 23 14:41:11 2014] [debug] ssl_engine_io.c(1897): OpenSSL: read
1455/2147 bytes from BIO#7f78b5741440 [mem: 7f78b578f6c5] (BIO dump follows)
But we see the following instead:
[Thu Jan 23 14:38:21 2014] [debug] ssl_engine_io.c(1939): OpenSSL: read 269/269
bytes from BIO#7f3a26f83b20 [mem: 7f3a26f73958] (BIO dump follows)
Where it only received 269 bytes instead of the 2147 bytes that makes up the
client side certificate.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
