In article <> you wrote: > i've installed SSLeay-0.9.0b and mod_ssl-2.0.13-1.3.3 > with Apache on a SuSE Linux machine. Now i'm trying to set up a closed user > group via SSL. I've set up my own CA and issued some client certificates > for my users. Everything works fine so far except when people are trying to > connect to the SSL port and have their Netscape certificate database > password protected. > Then, the server asks for the password to the db. If you type it in, the > connection hangs as long as you are opening the 'security info' menu entry > and click on any of the certificate entries. This happens even with > 'commercial' certificates like Thawtes freemail CF. If on has the password > disabled, everything works fine. By the way, i use pkcs12 CFs generated > with the pkcs package. > Is that a 'feature', a bug with Communicator or with SSLeay/mod_ssl? Hmmmm... I think it's a bug in your Communicator/platform combination. Because mod_ssl/SSLeay only sends the Client Certificate request. And your browser gets it, because it opens the dialog boxes. I've never tried passwort protected client certs in Netscape, but it looks like a bug. Because SSLeay usually doesn't do anything more, it just requests the certificate and waits until it arrives. Have you at least tried different Communicator versions? Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com ______________________________________________________________________ Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
