On Sun, Feb 11, 2018 at 12:47 PM, Naveen Nandyala - Vendor < naveen.nandy...@walmart.com> wrote:
> Hi, > > > > I’m using Apache HTTP server as a webserver and Websphere > application server as an Application server. Apache is using Proxy to > redirect requests from Apache to Websphere. On my websphere side security > is enabled, and its looking for mutual authentication. Could you please > help me with where I can add my Application server’s root certificate on > Apache end? > > > > Could you please let me know how can I add websphere > certificate in my Apache. I’ve tried using “ > > SSLProxyMachineCertificateFile” and “SSLProxyMachineCertificatePath” > which points to Websphere applicaton server certificate. But its not > working and I’m getting below error. > > That's the right way to specify a client certificate. But it shouldn't be "websphere's certificate" it should be a certificate that identifies your webserver and is trusted by your application server. > > > > > [Sat Feb 10 19:34:38.426645 2018] [ssl:warn] [pid 60369:tid > 140460446177024] AH02268: Proxy client certificate callback: (XXXXX:443) > downstream server wanted client certificate but none are configured > > Was SSLProxyMachineCertificateFile set? Did it have a key and a cert in it? [Sat Feb 10 19:34:38.429477 2018] [proxy_http:error] [pid 60369:tid > 140460446177024] (103)Software caused connection abort: [client XXXXXXX] > AH01102: error reading status line from remote server XXXXXX. > > [Sat Feb 10 19:34:38.429523 2018] [proxy:error] [pid 60369:tid > 140460446177024] [client XXXXXXXX] AH00898: Error reading from remote > server returned by /XXXXXXX > > > This is just the abrupt closure of the connection due to WAS not finding a client certificate.
