Quoting Martin Pala <[EMAIL PROTECTED]>:
<.....>
When i switched the Iceweasel's certificate setting:
Edit->Preferences->Advanced->Encryption->"When a server requests my
personal certificate" to "Ask me every time" i get the dialog which
reports that Monit asked for certificate and allows to select the
certificate.
My settings are the same.
As I mentioned, for other sites it strangely works.
Summary:
########
it's quite strange problem - in Monit there were no changes in SSL
related code between 4.10.1 and 5.0_beta4 so they should work the
same. It's possible that it's browser problem (on your side,
konqueror worked and i have tested with Iceweasel alias Firefox
without problem).
Thing is, I just genereated a new CA for testing, and new certificates.
This time I used debian/lenny on the client side, with iceweasel-3.0.3.
On the server side:
monit-1:4.10.1-4
openssl-0.9.8g-13
Config:
--8<--
set httpd port 28000 and
use address 127.0.0.1
ssl enable
pemfile /etc/monit/allinone.pem
clientpemfile /etc/monit/client_certificates.pem
allowselfcertification
allow localhost
--8<--
The file specified for the "pemfile" tag, contains the server keys + ca-cert.
I've installed the ca-cert in iceweasel (granted all three
permissions), imported my key, and tried it out.
Same result ... "monit: The client did not supply a required client
certificate!".
The only thing left trying is reducing the keylength of the keys
(currently 4096b).
But I doubt that is the problem.
--
regards,
Georges Toth
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
