Dreaded OpenSSL: error:140890C7

Thu, 07 Mar 2002 05:32:25 -0800 

Hi,

I'am trying to authenticate clients connecting to my server.

[06/Mar/2002 18:45:19 25124] [info]  Connection to child 3 established
(server hub-1.trema.com:443, client 66.54.34.7)
[06/Mar/2002 18:45:19 25124] [info]  Seeding PRNG with 512 bytes of
entropy
[06/Mar/2002 18:45:19 25124] [trace] OpenSSL: Handshake: start
[06/Mar/2002 18:45:19 25124] [trace] OpenSSL: Loop: before/accept
initialization
[06/Mar/2002 18:45:19 25124] [trace] OpenSSL: Loop: SSLv3 read client
hello A
[06/Mar/2002 18:45:19 25124] [trace] OpenSSL: Loop: SSLv3 write server
hello A
[06/Mar/2002 18:45:19 25124] [trace] OpenSSL: Loop: SSLv3 write
certificate A
[06/Mar/2002 18:45:19 25124] [trace] OpenSSL: Loop: SSLv3 write
certificate request A
[06/Mar/2002 18:45:19 25124] [trace] OpenSSL: Loop: SSLv3 flush data
[06/Mar/2002 18:45:20 25124] [trace] OpenSSL: Write: SSLv3 read client
certificate B
[06/Mar/2002 18:45:20 25124] [trace] OpenSSL: Exit: error in SSLv3 read
client certificate B
[06/Mar/2002 18:45:20 25124] [trace] OpenSSL: Exit: error in SSLv3 read
client certificate B
[06/Mar/2002 18:45:20 25124] [error] SSL handshake failed (server
hub-1.trema.com:443, client 66.54.34.7) (OpenSSL library error follows)
[06/Mar/2002 18:45:20 25124] [error] OpenSSL: error:140890C7:SSL
routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
[Hint: No CAs known to server for verification?]

>From the error message I can imagine two problems:
- the client has not sent any certificate
- the client has sent an unknown certificate.

Can anybody help me sorting out this ?

A Google lookup retrieves a lot of  "OpenSSL: error:140890C7".
Most of the time, people have invoked the ClientAuthentication by
mistake.

Regards

--
Jean-Claude Bourut
Trema
1300, routes des Crêtes
Sophia Antipolis
06560 Valbonne FRANCE
Tel +33 4 92 38 81 04
Fax +33 4 92 38 81 99


begin:vcard 
n:Bourut;Jean-Claude
tel;fax:+33 (0) 9238 8199
tel;work:+33 (0) 9238 8100
x-mozilla-html:TRUE
org:Trema Laboratories
adr:;;1300 route des cretes;Sophia Antipolis;;06560;FRANCE
version:2.1
email;internet:[EMAIL PROTECTED]
title:Senior Software Engineer
note;quoted-printable:      (=0D=0A       ))=0D=0A C|~~|=0D=0A     `--'
end:vcard

Reply via email to