> First of all does it work if you comment the
> "SSLVerifyClient require"
> directive out. Also do you get a core file and can
> you do a backtrace in gdb (with lib info)?
>
> Regards
> Matt
>
>
Dear Matt, thanks for your reply
If I set "SSLVerifyClient optional" (or comment it) apache work but client CA aren't
send to my
server (I need client distinguished name)
If I set "LogLevel debug" and "SSLVerifyClient require" I can see into "error_log":
[info] Server built: Mar 16 2004 15:30:28
[debug] prefork.c(1037): AcceptMutex: pthread (default: pthread)
[notice] child pid 18934 exit signal Segmentation fault (11)
and into "ssl_error_log"
[debug] ssl_engine_kernel.c(1786): OpenSSL: Loop: SSLv3 read client hello A
[debug] ssl_engine_kernel.c(1786): OpenSSL: Loop: SSLv3 write server hello A
[debug] ssl_engine_kernel.c(1786): OpenSSL: Loop: SSLv3 write certificate A
[debug] ssl_engine_kernel.c(1170): handing out temporary 1024 bit DH key
[debug] ssl_engine_kernel.c(1786): OpenSSL: Loop: SSLv3 write key exchange A
[debug] ssl_engine_kernel.c(1786): OpenSSL: Loop: SSLv3 write certificate request A
[debug] ssl_engine_kernel.c(1786): OpenSSL: Loop: SSLv3 flush data
[debug] ssl_engine_io.c(1499): OpenSSL: read 5/5 bytes from BIO#818ab68 [mem: 81921e8]
(BIO dump
follows)
[debug] ssl_engine_io.c(1446):
+------------------------------+
[debug] ssl_engine_io.c(1471): | 0000: 16 03 00 04 c9 |
[debug]
ssl_engine_io.c(1477): +------------------------------+
[debug]
ssl_engine_io.c(1499): OpenSSL: read 1225/1225 bytes from BIO#818ab68 [mem: 81921ed]
(BI
O dump follows)
.............
.............
____________________________________________________________
Yahoo! Companion - Scarica gratis la toolbar di Ricerca di Yahoo!
http://companion.yahoo.it
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
