>> [Mon Jul 10 03:20:37.629596 2023] [ssl:error] [pid 2410] [client >> 192.168.0.5:64817] AH10158: cannot perform post-handshake authentication >> [Mon Jul 10 03:20:37.629633 2023] [ssl:error] [pid 2410] SSL Library >> Error: error:0A000117:SSL routines::extension not received >> > This has nothing to do with your certificates, but with TLS protocol.
This is TLSv1.3 no doubt, you just have to go to "about:config" in firefox and enable post-handshake authentication and that's why apache is telling you that the extension is not being received as in firefox not sending it. (look for handshake keyword). When a directory configuration is different from general TLS configuration, such as when requiring a certificate in a subdirectory, a renegotiation occurs. Being TLSv1.3, browsers such as Firefox have it disabled by default. If your apache server only allows TLSv1.2 you won't have this issue. As per the reason why browsers are doing this, can't remember it exactly what it is, a google search should shed some light I guess. -- Daniel Ferradal HTTPD Project #httpd help at Libera.Chat
