Hi, I get a problem in https session. I can't establish the https connection from openssl client to the apache server, but I not have problem with browser Firefox or Explorer.
>From unix shell, if I run the command: my_server:~/wget # openssl s_client -connect dbu.sttspa.it:443 -cert crt.pem -certform PEM -key key.pem -keyform PEM Enter pass phrase for key.pem: The client closes the connection without that I can execute commad HTTP GET. From server Apache on ssl_engine_log I find: [28/Mar/2007 12:06:10 31692] [error] SSL client authentication failed: unknown reason Have you any idea on my error? The version of my openssl client is "OpenSSL 0.9.8a 11 Oct 2005", the server is "OpenSSL 0.9.7b 10 Apr 2003" Below, you find the propt result of client and ssl_engine_log from server. rocsca CLIENT (prompt result) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ CONNECTED(00000003) depth=2 /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority verify error:num=19:self signed certificate in certificate chain verify return:0 --- Certificate chain 0 s:/C=IT/ST=Verona/L=Verona/O=SOCIETA' TRASPORTO TELEMATICO SPA/OU=dbu.sttspa.it/OU=Terms of use at www.trustitalia.it/rpa (c) 04/OU=Authenticated by Trust Italia, S.p.A./OU=Member, VeriSign Trust Network/CN=dbu.sttspa.it i:/O=VeriSign Trust Network/OU=VeriSign, Inc./OU=VeriSign International Server CA - Class 3/OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)9 7 VeriSign 1 s:/O=VeriSign Trust Network/OU=VeriSign, Inc./OU=VeriSign International Server CA - Class 3/OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)9 7 VeriSign i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority 2 s:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority --- Server certificate -----BEGIN CERTIFICATE----- MIIE2TCCBEKgAwIBAgIQVWrjhH2mfV9IN5qeVlZ4vjANBgkqhkiG9w0BAQQFADCB ujEfMB0GA1UEChMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazEXMBUGA1UECxMOVmVy aVNpZ24sIEluYy4xMzAxBgNVBAsTKlZlcmlTaWduIEludGVybmF0aW9uYWwgU2Vy dmVyIENBIC0gQ2xhc3MgMzFJMEcGA1UECxNAd3d3LnZlcmlzaWduLmNvbS9DUFMg SW5jb3JwLmJ5IFJlZi4gTElBQklMSVRZIExURC4oYyk5NyBWZXJpU2lnbjAeFw0w NjEwMTAwMDAwMDBaFw0wNzEwMTAyMzU5NTlaMIIBHDELMAkGA1UEBhMCSVQxDzAN BgNVBAgTBlZlcm9uYTEPMA0GA1UEBxQGVmVyb25hMSowKAYDVQQKFCFTT0NJRVRB JyBUUkFTUE9SVE8gVEVMRU1BVElDTyBTUEExFjAUBgNVBAsUDWRidS5zdHRzcGEu aXQxNjA0BgNVBAsTLVRlcm1zIG9mIHVzZSBhdCB3d3cudHJ1c3RpdGFsaWEuaXQv cnBhIChjKSAwNDEuMCwGA1UECxMlQXV0aGVudGljYXRlZCBieSBUcnVzdCBJdGFs aWEsIFMucC5BLjEnMCUGA1UECxMeTWVtYmVyLCBWZXJpU2lnbiBUcnVzdCBOZXR3 b3JrMRYwFAYDVQQDFA1kYnUuc3R0c3BhLml0MIGfMA0GCSqGSIb3DQEBAQUAA4GN ADCBiQKBgQDD5Lf1zJoPHlips6oskmKfPvdb2O6KIHgFWkedytJ3pVxHfmC1qo8F VJSLvH9SUpEyd3Lw5z7Iylw65l27hqN3Vw0vt/FGvaWnyHUMYXQ4B2LstO2LTuRd WyyxrXvwQVyxlgQ/NPxvwcgfagpobDfIu2qlo6A2iUqGRM8gPXkQZQIDAQABo4IB eTCCAXUwCQYDVR0TBAIwADCBrAYDVR0gBIGkMIGhMIGeBgtghkgBhvhFAQcBATCB jjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQUzBiBggr BgEFBQcCAjBWMBUWDlZlcmlTaWduLCBJbmMuMAMCAQEaPVZlcmlTaWduJ3MgQ1BT IGluY29ycC4gYnkgcmVmZXJlbmNlIGxpYWIuIGx0ZC4gKGMpOTcgVmVyaVNpZ24w EQYJYIZIAYb4QgEBBAQDAgZAMCgGA1UdJQQhMB8GCWCGSAGG+EIEAQYIKwYBBQUH AwEGCCsGAQUFBwMCMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDov L29jc3AudmVyaXNpZ24uY29tMEYGA1UdHwQ/MD0wO6A5oDeGNWh0dHA6Ly9jcmwu dmVyaXNpZ24uY29tL0NsYXNzM0ludGVybmF0aW9uYWxTZXJ2ZXIuY3JsMA0GCSqG SIb3DQEBBAUAA4GBAEu1K/UBUsoHJK6sDy3ZzlWv9hzqieK8+t0US5l7/LixTjK0 JanVyMWPv+ESZb3rgj0ypXwjuFNI0W2beTXKcVz1BJQLFOkNjyMg9tq72ETnwjHK TbQFk0vYLV6aTYgmX/OxBdVAszwaVSLvRKSej8Xh+Nxzl32EzaQnDZS4oy3X -----END CERTIFICATE----- subject=/C=IT/ST=Verona/L=Verona/O=SOCIETA' TRASPORTO TELEMATICO SPA/OU=dbu.sttspa.it/OU=Terms of use at www.trustitalia.it/rpa (c) 04/OU=Authenticated by Trust Italia, S.p.A./OU=Member, VeriSign Trust Network/CN=dbu.sttspa.it issuer=/O=VeriSign Trust Network/OU=VeriSign, Inc./OU=VeriSign International Server CA - Class 3/OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c )97 VeriSign --- Acceptable client certificate CA names /O=RSA Security Inc/OU=RSA Security 1024 V3 /O=RSA Security Inc/OU=RSA Security 2048 V3 /C=US/O=America Online Inc./CN=America Online Root Certification Authority 1 /C=US/O=America Online Inc./CN=America Online Root Certification Authority 2 /O=beTRUSTed/OU=beTRUSTed Root CAs/CN=beTRUSTed Root CA - Entrust Implementation /O=beTRUSTed/OU=beTRUSTed Root CAs/CN=beTRUSTed Root CA - RSA Implementation /O=beTRUSTed/OU=beTRUSTed Root CAs/CN=beTRUSTed Root CA-Baltimore Implementation /C=PL/O=Unizeto Sp. z o.o./CN=Certum CA /C=US/O=VeriSign, Inc./OU=Class 1 Public Primary Certification Authority /C=US/O=VeriSign, Inc./OU=Class 2 Public Primary Certification Authority /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority /C=US/O=Digital Signature Trust Co./OU=DSTCA E1 /C=US/O=Digital Signature Trust Co./OU=DSTCA E2 /C=US/O=Equifax/OU=Equifax Secure Certificate Authority /C=US/O=Equifax Secure Inc./CN=Equifax Secure eBusiness CA-1 /C=US/O=Equifax Secure/OU=Equifax Secure eBusiness CA-2 /C=US/O=Equifax Secure Inc./CN=Equifax Secure Global eBusiness CA-1 /C=US/O=GeoTrust Inc./CN=GeoTrust Global CA /C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority /C=US/O=GTE Corporation/CN=GTE CyberTrust Root /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority /C=JP/O=SECOM Trust.net/OU=Security Communication RootCA1 /C=FI/O=Sonera/CN=Sonera Class1 CA /C=FI/O=Sonera/CN=Sonera Class2 CA /C=NL/O=Staat der Nederlanden/CN=Staat der Nederlanden Root CA /C=US/O=Starfield Technologies, Inc./OU=Starfield Class 2 Certification Authority /C=DK/O=TDC Internet/OU=TDC Internet Root CA /C=DK/O=TDC/CN=TDC OCES CA /C=SE/O=AddTrust AB/OU=AddTrust TTP Network/CN=AddTrust Class 1 CA Root /C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root /C=SE/O=AddTrust AB/OU=AddTrust TTP Network/CN=AddTrust Public CA Root /C=SE/O=AddTrust AB/OU=AddTrust TTP Network/CN=AddTrust Qualified CA Root /C=US/O=AOL Time Warner Inc./OU=America Online Inc./CN=AOL Time Warner Root Certification Authority 1 /C=US/O=AOL Time Warner Inc./OU=America Online Inc./CN=AOL Time Warner Root Certification Authority 2 /C=IE/O=Baltimore/OU=CyberTrust/CN=Baltimore CyberTrust Root /C=WW/O=beTRUSTed/CN=beTRUSTed Root CAs/CN=beTRUSTed Root CA /C=EU/O=AC Camerfirma SA CIF A82743287/OU=http://www.chambersign.org/CN=Chambers of Commerce Root /O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/RPA (c)00/CN=Class 1 Public Primary OCSP Responder /O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/RPA (c)00/CN=Class 2 Public Primary OCSP Responder /O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/RPA (c)00/CN=Class 3 Public Primary OCSP Responder /O=Entrust.net/OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)/OU=(c) 1999 Entrust.net Limited/CN=Entrust.net Certification Authority (2048) /O=Entrust.net/OU=www.entrust.net/GCCA_CPS incorp. by ref. (limits liab.)/OU=(c) 2000 Entrust.net Limited/CN=Entrust.net Client Certification Authority /O=Entrust.net/OU=www.entrust.net/SSL_CPS incorp. by ref. (limits liab.)/OU=(c) 2000 Entrust.net Limited/CN=Entrust.net Secure Server Certification Auth ority /C=EU/O=AC Camerfirma SA CIF A82743287/OU=http://www.chambersign.org/CN=Global Chambersign Root /C=BE/O=GlobalSign nv-sa/OU=Root CA/CN=GlobalSign Root CA /C=US/O=VISA/OU=Visa International Service Association/CN=GP Root 2 /C=US/O=GTE Corporation/OU=GTE CyberTrust Solutions, Inc./CN=GTE CyberTrust Global Root /C=BM/O=QuoVadis Limited/OU=Root Certification Authority/CN=QuoVadis Root Certification Authority /O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/RPA (c)00/CN=Secure Server OCSP Responder /O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)00/CN=VeriSign Time Stamping Authority CA /C=US/O=VISA/OU=Visa International Service Association/CN=Visa eCommerce Root /C=US/OU=www.xrampsecurity.com/O=XRamp Security Services Inc/CN=XRamp Global Certification Authority /C=GB/ST=Greater Manchester/L=Salford/O=Comodo CA Limited/CN=AAA Certificate Services /C=GB/ST=Greater Manchester/L=Salford/O=Comodo CA Limited/CN=Secure Certificate Services /C=GB/ST=Greater Manchester/L=Salford/O=Comodo CA Limited/CN=Trusted Certificate Services /C=US/O=Entrust.net/OU=www.entrust.net/Client_CA_Info/CPS incorp. by ref. limits liab./OU=(c) 1999 Entrust.net Limited/CN=Entrust.net Client Certificati on Authority /C=US/O=Entrust.net/OU=www.entrust.net/CPS incorp. by ref. (limits liab.)/OU=(c) 1999 Entrust.net Limited/CN=Entrust.net Secure Server Certification Aut hority /C=HU/L=Budapest/O=NetLock Halozatbiztonsagi Kft./OU=Tanusitvanykiadok/CN=NetLock Expressz (Class C) Tanusitvanykiado /C=HU/L=Budapest/O=NetLock Halozatbiztonsagi Kft./OU=Tanusitvanykiadok/CN=NetLock Uzleti (Class B) Tanusitvanykiado /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 1999 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 1 Public Primary Certification A uthority - G3 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 1999 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 2 Public Primary Certification A uthority - G3 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 1999 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification A uthority - G3 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 1999 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 4 Public Primary Certification A uthority - G3 /C=US/O=VeriSign, Inc./OU=Class 1 Public Primary Certification Authority - G2/OU=(c) 1998 VeriSign, Inc. - For authorized use only/OU=VeriSign Trust Net work /C=US/O=VeriSign, Inc./OU=Class 2 Public Primary Certification Authority - G2/OU=(c) 1998 VeriSign, Inc. - For authorized use only/OU=VeriSign Trust Net work /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority - G2/OU=(c) 1998 VeriSign, Inc. - For authorized use only/OU=VeriSign Trust Net work /C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority - G2/OU=(c) 1998 VeriSign, Inc. - For authorized use only/OU=VeriSign Trust Net work /L=ValiCert Validation Network/O=ValiCert, Inc./OU=ValiCert Class 1 Policy Validation Authority/CN=http://www.valicert.com//[EMAIL PROTECTED] om /L=ValiCert Validation Network/O=ValiCert, Inc./OU=ValiCert Class 2 Policy Validation Authority/CN=http://www.valicert.com//[EMAIL PROTECTED] om /L=ValiCert Validation Network/O=ValiCert, Inc./OU=ValiCert Class 3 Policy Validation Authority/CN=http://www.valicert.com//[EMAIL PROTECTED] om /C=HU/ST=Hungary/L=Budapest/O=NetLock Halozatbiztonsagi Kft./OU=Tanusitvanykiadok/CN=NetLock Kozjegyzoi (Class A) Tanusitvanykiado /C=ZA/ST=Western Cape/L=Durbanville/O=Thawte/OU=Thawte Certification/CN=Thawte Timestamping CA /C=US/ST=UT/L=Salt Lake City/O=The USERTRUST Network/OU=http://www.usertrust.com/CN=UTN - DATACorp SGC /C=US/ST=UT/L=Salt Lake City/O=The USERTRUST Network/OU=http://www.usertrust.com/CN=UTN-USERFirst-Client Authentication and Email /C=US/ST=UT/L=Salt Lake City/O=The USERTRUST Network/OU=http://www.usertrust.com/CN=UTN-USERFirst-Hardware /C=US/ST=UT/L=Salt Lake City/O=The USERTRUST Network/OU=http://www.usertrust.com/CN=UTN-USERFirst-Network Applications /C=US/ST=UT/L=Salt Lake City/O=The USERTRUST Network/OU=http://www.usertrust.com/CN=UTN-USERFirst-Object /C=US/ST=DC/L=Washington/O=ABA.ECOM, INC./CN=ABA.ECOM Root CA/[EMAIL PROTECTED] /C=DE/ST=Hamburg/L=Hamburg/O=TC TrustCenter for Security in Data Networks GmbH/OU=TC TrustCenter Class 2 CA/[EMAIL PROTECTED] /C=DE/ST=Hamburg/L=Hamburg/O=TC TrustCenter for Security in Data Networks GmbH/OU=TC TrustCenter Class 3 CA/[EMAIL PROTECTED] /C=ES/ST=BARCELONA/L=BARCELONA/O=IPS Seguridad CA/OU=Certificaciones/CN=IPS SERVIDORES/[EMAIL PROTECTED] /C=us/ST=Utah/L=Salt Lake City/O=Digital Signature Trust Co./OU=DSTCA X1/CN=DST RootCA X1/[EMAIL PROTECTED] /C=us/ST=Utah/L=Salt Lake City/O=Digital Signature Trust Co./OU=DSTCA X2/CN=DST RootCA X2/[EMAIL PROTECTED] /C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting cc/OU=Certification Services Division/CN=Thawte Server CA/[EMAIL PROTECTED] /C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting/OU=Certification Services Division/CN=Thawte Personal Basic CA/[EMAIL PROTECTED] com /C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting cc/OU=Certification Services Division/CN=Thawte Premium Server CA/[EMAIL PROTECTED] te.com /C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting/OU=Certification Services Division/CN=Thawte Personal Premium CA/[EMAIL PROTECTED] wte.com /C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting/OU=Certification Services Division/CN=Thawte Personal Freemail CA/[EMAIL PROTECTED] hawte.com /C=ES/ST=Barcelona/L=Barcelona/O=IPS Internet publishing Services s.l./[EMAIL PROTECTED] C.I.F. B-60929452/OU=IPS CA Chained CAs Certification Authorit y/CN=IPS CA Chained CAs Certification Authority/[EMAIL PROTECTED] /C=ES/ST=Barcelona/L=Barcelona/O=IPS Internet publishing Services s.l./[EMAIL PROTECTED] C.I.F. B-60929452/OU=IPS CA CLASE1 Certification Authority/CN= IPS CA CLASE1 Certification Authority/[EMAIL PROTECTED] /C=ES/ST=Barcelona/L=Barcelona/O=IPS Internet publishing Services s.l./[EMAIL PROTECTED] C.I.F. B-60929452/OU=IPS CA CLASE3 Certification Authority/CN= IPS CA CLASE3 Certification Authority/[EMAIL PROTECTED] /C=ES/ST=Barcelona/L=Barcelona/O=IPS Internet publishing Services s.l./[EMAIL PROTECTED] C.I.F. B-60929452/OU=IPS CA CLASEA1 Certification Authority/CN =IPS CA CLASEA1 Certification Authority/[EMAIL PROTECTED] /C=ES/ST=Barcelona/L=Barcelona/O=IPS Internet publishing Services s.l./[EMAIL PROTECTED] C.I.F. B-60929452/OU=IPS CA CLASEA3 Certification Authority/CN =IPS CA CLASEA3 Certification Authority/[EMAIL PROTECTED] /C=ES/ST=Barcelona/L=Barcelona/O=IPS Internet publishing Services s.l./[EMAIL PROTECTED] C.I.F. B-60929452/OU=IPS CA Timestamping Certification Authori ty/CN=IPS CA Timestamping Certification Authority/[EMAIL PROTECTED] /O=VeriSign Trust Network/OU=VeriSign, Inc./OU=VeriSign International Server CA - Class 3/OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 Ver iSign --- SSL handshake has read 17357 bytes and written 1909 bytes --- New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA Server public key is 1024 bit Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : DHE-RSA-AES256-SHA Session-ID: C648DB14C743469357EDDB179AFDDC5841226FDF7202A5C075CD2121B9308EAB Session-ID-ctx: Master-Key: 50F0B25D707F1654A122610EE621FC9E2DB2D443A9A558557C9A697747C5EBB78999B032 BC0E40A02CCDBF3CE8814CEE Key-Arg : None Start Time: 1175076370 Timeout : 300 (sec) Verify return code: 19 (self signed certificate in certificate chain) --- closed SERVER LOG (ssl_engine_log) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^ [28/Mar/2007 12:06:10 31692] [info] Connection to child 2 established (server dbu.sttspa.it:443, client 172.24.252.31) [28/Mar/2007 12:06:10 31692] [info] Seeding PRNG with 1160 bytes of entropy [28/Mar/2007 12:06:10 31692] [trace] OpenSSL: Handshake: start [28/Mar/2007 12:06:10 31692] [trace] OpenSSL: Loop: before/accept initialization [28/Mar/2007 12:06:10 31692] [trace] OpenSSL: Loop: SSLv3 read client hello A [28/Mar/2007 12:06:10 31692] [trace] OpenSSL: Loop: SSLv3 write server hello A [28/Mar/2007 12:06:10 31692] [trace] OpenSSL: Loop: SSLv3 write certificate A [28/Mar/2007 12:06:10 31692] [trace] OpenSSL: Loop: SSLv3 write key exchange A [28/Mar/2007 12:06:10 31692] [trace] OpenSSL: Loop: SSLv3 write certificate request A [28/Mar/2007 12:06:10 31692] [trace] OpenSSL: Loop: SSLv3 flush data [28/Mar/2007 12:06:10 31692] [trace] Certificate Verification: depth: 0, subject: /O=Trust Italia S.p.A./OU=Consumer Service Center Class 1/OU=Terms of use at www.trustitalia.it/rpa (c)00/OU=Authenticated by Trust Italia S.p.A./OU=Member, VeriSign Trust Network/OU=Persona Not Validated/OU=Digital ID Class 1/CN=DBUSTT Client e Firma/[EMAIL PROTECTED], issuer: /O=Trust Italia S.p.A./OU=VeriSign Trust Network/OU=Terms of use at https://www.trustitalia.it/rpa (c)00/CN=Trust Italia Class 1 Consumer Individual Subscriber CA [28/Mar/2007 12:06:10 31692] [trace] Certificate Verification: Verifiable Issuer is configured as optional, therefore we're accepting the certificate [28/Mar/2007 12:06:10 31692] [trace] Certificate Verification: depth: 0, subject: /O=Trust Italia S.p.A./OU=Consumer Service Center Class 1/OU=Terms of use at www.trustitalia.it/rpa (c)00/OU=Authenticated by Trust Italia S.p.A./OU=Member, VeriSign Trust Network/OU=Persona Not Validated/OU=Digital ID Class 1/CN=DBUSTT Client e Firma/[EMAIL PROTECTED], issuer: /O=Trust Italia S.p.A./OU=VeriSign Trust Network/OU=Terms of use at https://www.trustitalia.it/rpa (c)00/CN=Trust Italia Class 1 Consumer Individual Subscriber CA [28/Mar/2007 12:06:10 31692] [trace] Certificate Verification: Verifiable Issuer is configured as optional, therefore we're accepting the certificate [28/Mar/2007 12:06:10 31692] [trace] Certificate Verification: depth: 0, subject: /O=Trust Italia S.p.A./OU=Consumer Service Center Class 1/OU=Terms of use at www.trustitalia.it/rpa (c)00/OU=Authenticated by Trust Italia S.p.A./OU=Member, VeriSign Trust Network/OU=Persona Not Validated/OU=Digital ID Class 1/CN=DBUSTT Client e Firma/[EMAIL PROTECTED], issuer: /O=Trust Italia S.p.A./OU=VeriSign Trust Network/OU=Terms of use at https://www.trustitalia.it/rpa (c)00/CN=Trust Italia Class 1 Consumer Individual Subscriber CA [28/Mar/2007 12:06:10 31692] [trace] Certificate Verification: Verifiable Issuer is configured as optional, therefore we're accepting the certificate [28/Mar/2007 12:06:10 31692] [trace] OpenSSL: Loop: SSLv3 read client certificate A [28/Mar/2007 12:06:10 31692] [trace] OpenSSL: Loop: SSLv3 read client key exchange A [28/Mar/2007 12:06:10 31692] [trace] OpenSSL: Loop: SSLv3 read certificate verify A [28/Mar/2007 12:06:10 31692] [trace] OpenSSL: Loop: SSLv3 read finished A [28/Mar/2007 12:06:10 31692] [trace] OpenSSL: Loop: SSLv3 write change cipher spec A [28/Mar/2007 12:06:10 31692] [trace] OpenSSL: Loop: SSLv3 write finished A [28/Mar/2007 12:06:10 31692] [trace] OpenSSL: Loop: SSLv3 flush data [28/Mar/2007 12:06:10 31692] [trace] Inter-Process Session Cache (DBM) Expiry: old: 2, new: 2, removed: 0 [28/Mar/2007 12:06:10 31692] [trace] Inter-Process Session Cache: request=SET status=OK id=C648DB14C743469357EDDB179AFDDC5841226FDF7202A5C075CD2121B9308EAB timeout=300s (session caching) [28/Mar/2007 12:06:10 31692] [trace] OpenSSL: Handshake: done [28/Mar/2007 12:06:10 31692] [info] Connection: Client IP: 172.24.252.31, Protocol: TLSv1, Cipher: DHE-RSA-AES256-SHA (256/256 bits) [28/Mar/2007 12:06:10 31692] [error] SSL client authentication failed: unknown reason [28/Mar/2007 12:06:10 31692] [trace] OpenSSL: Write: SSL negotiation finished successfully ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
