RE: ssl no response

Mon, 04 Feb 2002 10:32:35 -0800 


 Alright, I've managed to establish an ssl conenction, but the session
hangs begore presenting me with a login prompt. I get an insecure prompt
to the directory in question if I use port 80.

 This is the portion of the log from ssl_engine_log during the
negotiation. Using Opera 6.x the connection hangs. Using IE 5.x it asks me
to select a certificate, and lists none for me to use. Can someone
describe what is happening?

 <VirtualHost ssl.domain.net:443 >
     SSLEngine on
     SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
     SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt
     SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key


     ServerAdmin [EMAIL PROTECTED]
     DocumentRoot /www//ssl
     ServerName domain.net
     ErrorLog logs/443error_log
     CustomLog logs/443access_log common
     ScriptAlias /cgi-bin/ "/usr/local/apache/cgi-bin/"
     Group users
 <Directory /www//ssl>
    AuthName "ssl"
    AuthType Basic
    AuthUserFile auth/.htpasswd
    Require user aodhan
    SSLVerifyClient require
    SSLVerifyDepth 1
    SSLRequireSSL
 </Directory>

 </VirtualHost>


 tail -f logs/ssl_engine_log
[04/Feb/2002 09:44:06 13354] [info]  Initial (No.1) HTTPS request received
for child 5 (server domain.net:443)
[04/Feb/2002 09:44:06 13354] [info]  Requesting connection re-negotiation
[04/Feb/2002 09:44:06 13354] [info]  Awaiting re-negotiation handshake
[04/Feb/2002 09:44:06 13354] [error] Re-negotiation handshake failed: Not
accepted by client!?
[04/Feb/2002 09:44:06 13354] [error] SSL error on writing data (OpenSSL
library error follows)
[04/Feb/2002 09:44:06 13354] [error] OpenSSL: error:140890C7:SSL
routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
[Hint: No CAs known to server for verification?]
[04/Feb/2002 09:44:06 13354] [info]  Connection to child 5 closed with
standard shutdown (server domain.net:443, client 66.35.239.94)
[04/Feb/2002 09:44:07 13353] [info]  Connection to child 4 established
(server terran.net:443, client 66.35.239.94)
[04/Feb/2002 09:44:07 13353] [info]  Seeding PRNG with 1160 bytes of
entropy
[04/Feb/2002 09:44:07 13353] [info]  Connection: Client IP: 66.35.239.94,
Protocol: SSLv3, Cipher: RC4-SHA (128/128 bits)
[04/Feb/2002 09:48:38 13353] [info]  Connection to child 4 closed with
standard shutdown (server domain.net:443, client 66.35.239.94)

-- 


   =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

        Aodhan H.

        -   -   -   -   -   -   -   -   -   -   -   -   -   -   -   -
                   Ad Astra per Aspera
                          A Rough Road Leads To The Stars
        -   -   -   -   -   -   -   -   -   -   -   -   -   -   -   -

         Freedom is something you have, not something you're given.

   =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to