On Jun 1, 2014, at 6:18 AM, Steven Siebert <smsi...@gmail.com<mailto:smsi...@gmail.com>> wrote:
On Fri, May 30, 2014 at 12:00 AM, McGregor, Donald (Don) (CIV) <mcgr...@nps.edu<mailto:mcgr...@nps.edu>> wrote: ERR_SSL_P Can you provide the (sanitized) apache error_log when you try mutual auth? S Using IE client on Windows 8.1: [Sun Jun 01 20:40:35 2014] [error] Certificate Verification: Error (20): unable to get local issuer certificate [Sun Jun 01 20:40:35 2014] [error] Re-negotiation handshake failed: Not accepted by client!? [Sun Jun 01 20:40:35 2014] [error] Re-negotiation handshake failed: Not accepted by client!? Using Chrome client on Windows 8.1: [Sun Jun 01 20:42:10 2014] [error] Re-negotiation handshake failed: Not accepted by client!? [Sun Jun 01 20:42:15 2014] [error] Re-negotiation handshake failed: Not accepted by client!? [Sun Jun 01 20:42:26 2014] [error] Certificate Verification: Error (20): unable to get local issuer certificate [Sun Jun 01 20:42:26 2014] [error] Re-negotiation handshake failed: Not accepted by client!? As I said, the standard https seems to work in non-CAC enabled directories. From Chrome on OSX for the lock icon: "The identity of this website has been verified by DOD CA-27 but does not have public audit records."