Hi,
I had the Netscape Problem too. I didn't get an answer up to now.
The only way to get around this I found up to now is to configure to send
the certificate automatically, instead of asking.
If you find a better solution, please let me know.
Tnx
Stefan
-----Ursprüngliche Nachricht-----
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Gesendet: Dienstag, 6. Februar 2001 23:50
An: [EMAIL PROTECTED]
Betreff: question on client authentication using certificates
Howdy,
I am having a problem with modssl certificate based client authentication
that
will undoubtedly have a simple answer.
Currently, I have a CA certificate that I use to sign all my client
certificates. On the apache+modssl server I want to use certificate based
authentication. The client need only have a certificate signed by the CA to
obtain access to the site. I added the following directives to the
httpd.conf
as per the modssl Howto.
SSLVerifyClient require
SSLVerifyDepth 1
SSLCACertificateFile /path/to/file.crt
After turning the server over, I made the following discoveries:
- On Netscape, it will request my certificate for authentication. The
problem
is, it requests it for every single page and image (on a page with several
images the dialog box pops up once for each image). If I click on a link,
it
starts the cycle over again (requesting certificates for the new page and
the
images).
- On Internet Explorer, the dialog box requesting the certificate for
authentication pops up, but then I get an error page (One of the vanilla IE
error pages: Cannot find server or DNS Error)
I plan to keep working on it, but any help would be greatly appreciated. My
configuration information is listed below:
Netscape 4.75
Internet Explorer 5.00.292
Apache 1.3.17 + mod_ssl 2.8 (latest greatest)
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]