Hi.
I test Apache (1.3.12) + mod_ssl (2.6.1) on Windows NT4.
When trying to access the server with Netscape, it is ok. But with IE5.0
I have the following error:
[31/Oct/2000 11:57:12 00422] [info] Connection to child 4 established
(server ZINNEMAN:443, client 10.11.1.6)
[31/Oct/2000 11:57:12 00422] [info] Seeding PRNG with 0 bytes of
entropy
[31/Oct/2000 11:57:12 00422] [trace] OpenSSL: Handshake: start
[31/Oct/2000 11:57:12 00422] [trace] OpenSSL: Loop: before/accept
initialization
[31/Oct/2000 11:57:12 00422] [trace] OpenSSL: Loop: SSLv3 read client
hello A
[31/Oct/2000 11:57:12 00422] [trace] OpenSSL: Loop: SSLv3 write server
hello A
[31/Oct/2000 11:57:12 00422] [trace] OpenSSL: Loop: SSLv3 write
certificate A
[31/Oct/2000 11:57:12 00422] [trace] OpenSSL: Loop: SSLv3 write key
exchange A
[31/Oct/2000 11:57:12 00422] [trace] OpenSSL: Loop: SSLv3 write server
done A
[31/Oct/2000 11:57:12 00422] [trace] OpenSSL: Loop: SSLv3 flush data
[31/Oct/2000 11:57:12 00422] [trace] OpenSSL: Loop: SSLv3 read client
key exchange A
[31/Oct/2000 11:57:12 00422] [trace] OpenSSL: Loop: SSLv3 read finished
A
[31/Oct/2000 11:57:12 00422] [trace] OpenSSL: Loop: SSLv3 write change
cipher spec A
[31/Oct/2000 11:57:12 00422] [trace] OpenSSL: Loop: SSLv3 write finished
A
[31/Oct/2000 11:57:12 00422] [trace] OpenSSL: Loop: SSLv3 flush data
[31/Oct/2000 11:57:12 00422] [trace] OpenSSL: Handshake: done
[31/Oct/2000 11:57:12 00422] [info] Connection: Client IP: 10.11.1.6,
Protocol: SSLv3, Cipher: EXP-RC4-MD5 (40/128 bits)
[31/Oct/2000 11:57:12 00422] [trace] OpenSSL: Write: SSL negotiation
finished successfully
[31/Oct/2000 11:57:12 00422] [info] Connection to child 4 closed with
standard shutdown (server ZINNEMAN:443, client 10.11.1.6)
[31/Oct/2000 11:57:25 00422] [info] Connection to child 5 established
(server ZINNEMAN:443, client 10.11.1.6)
[31/Oct/2000 11:57:25 00422] [info] Seeding PRNG with 0 bytes of
entropy
[31/Oct/2000 11:57:25 00422] [trace] OpenSSL: Handshake: start
[31/Oct/2000 11:57:25 00422] [trace] OpenSSL: Loop: before/accept
initialization
[31/Oct/2000 11:57:25 00422] [trace] OpenSSL: Loop: SSLv3 read client
hello A
[31/Oct/2000 11:57:25 00422] [trace] OpenSSL: Loop: SSLv3 write server
hello A
[31/Oct/2000 11:57:25 00422] [trace] OpenSSL: Loop: SSLv3 write
certificate A
[31/Oct/2000 11:57:25 00422] [trace] OpenSSL: Loop: SSLv3 write key
exchange A
[31/Oct/2000 11:57:25 00422] [trace] OpenSSL: Loop: SSLv3 write server
done A
[31/Oct/2000 11:57:25 00422] [trace] OpenSSL: Loop: SSLv3 flush data
[31/Oct/2000 11:57:25 00422] [trace] OpenSSL: Exit: failed in SSLv3 read
client certificate A
[31/Oct/2000 11:57:25 00422] [info] Spurious SSL handshake
interrupt[Hint: Usually just one of those OpenSSL confusions!?]
In my httpd.conf, I put:
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
SSLVerifyClient none
So I do not understand why the server tries to verify the client
certificate (this is not the case with Netscape Navigator)
Can someone help me?
Best regards.
Carole Hébrard.
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
