Greeting!
I'm having a problem on setting up client certificate on my test site on
Apache 2.2.15/OpenSSL 0.9.8m on Windows XP. I followed the "How-To"
articles on mod_ssl (http://httpd.apache.org/docs/2.2/ssl/ssl_howto.html).
When I browse the site, I got the following error message in the log:
Re-negotiation handshake failed: Not accepted by client!?
I read through the documentation. I tried to turn
SSLInsecureRenegotiation on and off, but no luck. I attached the
configuration of my virtual host, hoping that you would point out anything
that I've missed. Oh, when I said that the site wasn't working, I was
referring to my browser, which displays an error page with the code:
ssl_error_handshake_failure_alert, instead of asking me for a certificate.
Thanks,
Kenneth Yeung
<VirtualHost *:10991>
ServerAdmin [email protected]
DocumentRoot "C:/hosts-static/mysite/ROOT"
ServerName mysite.mycompany.com
ErrorLog "C:/hosts-static/mysite/log/ROOT-error.log"
CustomLog "C:/hosts-static/mysite/log/ROOT-access.log" common
SSLEngine on
SSLCipherSuite HIGH:MEDIUM
SSLCertificateFile "C:/Apache2.2/conf/ssl.crt/mysite.crt"
SSLCertificateKeyFile "C:/Apache2.2/conf/ssl.crt/mysite.key"
SSLInsecureRenegotiation on
<Directory C:/hosts-static/mysite/ROOT>
Order deny,allow
Allow from all
SSLVerifyClient require
SSLVerifyDepth 1
SSLCACertificateFile
"C:/Apache2.2/conf/ssl.crt/self_signed_ca.crt"
</Directory>
</VirtualHost>
