Hi Yann,
Earlier I've downloaded Websphere Server Root certificate in Base-64
format. So I was using inform as pem as DER is not working.
Not I've downloaded in DER format and ran below command that you gave. After
restarting my apache and when I try to access url I see below error.
[Mon Feb 12 07:22:12.631833 2018] [ssl:warn] [pid 21729:tid 139998669920000]
AH02268: Proxy client certificate callback: (Virtual:443) downstream server
wanted client certificate but none are configured
[Mon Feb 12 07:22:12.644376 2018] [proxy_http:error] [pid 21729:tid
139998669920000] (103)Software caused connection abort: [client
10.246.8.176:53774] AH01102: error reading status line from remote server
WASSERVER:PORT
[Mon Feb 12 07:22:12.644411 2018] [proxy:error] [pid 21729:tid 139998669920000]
[client 10.246.8.176:53774] AH00898: Error reading from remote server returned
by /URI
Was wondering if Apache(Client) don't connect to Websphere (Server) if
Websphere uses a Self-signed certificate?
Warm Regards,
Naveen Kumar Reddy N
-----Original Message-----
From: Yann Ylavic [mailto:ylavic....@gmail.com]
Sent: Monday, February 12, 2018 2:31 AM
To: users@httpd.apache.org
Subject: EXT: Re: [users@httpd] Mutual authentication between Apache HTTP
server and an application server.
Hi,
On Mon, Feb 12, 2018 at 1:30 AM, Naveen Nandyala - Vendor
<naveen.nandy...@walmart.com> wrote:
>
> /tmp/was.crt was created as below.
>
> Extracted root certificate from WAS.
> Converted .cer file to crt using below command.
>
> openssl x509 -inform PEM -in was.cer -out was.crt
Isn't "was.cer" rather in DER format? The above command is a no-op, and you
probably want PEM for the certificate used on the proxy, so maybe :
$ openssl x509 -inform DER -in was.cer -outform PEM -out was.crt ?
Regards,
Yann.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
