[prev in list] [next in list] [prev in thread] [next in thread] 

List:       apache-modssl
Subject:    Handshake Issue ?
From:       "Nauman, Ahmed [IT]" <ahmed.nauman () citigroup ! com>
Date:       2003-07-18 19:47:16
[Download RAW message or body]

Hi all,

i am Using Apache/1.3.27 Server with mod ssl. I have following question and
i will highly appreciate if someone of you can spare some time for the
answers.

1- I have specified a SSLCACertificateFile directive and have also required
for client authentication. When i try to access that directory through
Internet Explorer, it does not ask me which client certificate to select but
displays a message that i am accessing private item, then asks for user name
and password and then shows Server Certificate Message - if i select YES
then it displays the contents. As it is displaying the contents i am
assuming that everything went fine. BUT why i am not getting selection of
client certificates - i have three different certs installed for client.

2- How can i mention more than 1 CAs as trusted CAs in httpd.conf file ?

The log shows following
[18/Jul/2003 15:43:16 22122] [info]  Connection to child 0 established
(server cddfs1.nj.ssmb.com:8443, client 168.109.64.190)
[18/Jul/2003 15:43:16 22123] [info]  Seeding PRNG with 1160 bytes of entropy
[18/Jul/2003 15:43:16 22122] [info]  Seeding PRNG with 1160 bytes of entropy
[18/Jul/2003 15:43:16 22122] [info]  Connection: Client IP: 168.109.64.190,
Protocol: SSLv3, Cipher: RC4-MD5 (128/128 bits)
[18/Jul/2003 15:43:16 22122] [info]  Initial (No.1) HTTPS request received
for child 0 (server cddfs1.nj.ssmb.com:8443)
[18/Jul/2003 15:43:16 22122] [info]  Connection to child 0 closed with
unclean shutdown (server cddfs1.nj.ssmb.com:8443, client 168.109.64.190)
[18/Jul/2003 15:43:16 22123] [info]  Connection: Client IP: 168.109.64.190,
Protocol: SSLv3, Cipher: RC4-MD5 (128/128 bits)
[18/Jul/2003 15:43:16 22123] [info]  Initial (No.1) HTTPS request received
for child 1 (server cddfs1.nj.ssmb.com:8443)
[18/Jul/2003 15:43:16 22123] [info]  Connection to child 1 closed with
unclean shutdown (server cddfs1.nj.ssmb.com:8443, client 168.109.64.190)

i don't see any SSL handshake or verification for this transaction ? Any
help will be highly appreciated.

Regards,
Nauman


-----Original Message-----
From: Shaun T. Erickson [mailto:ste@ste-land.com]
Sent: Friday, July 18, 2003 1:40 PM
To: modssl-users@modssl.org
Subject: Re: [ANNOUNCE] mod_ssl 2.8.15 for Apache 1.3.28


Ihor Bilyy wrote:

> fix the link

Where are your manners? Say please next time.

	-ste


______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      modssl-users@modssl.org
Automated List Manager                            majordomo@modssl.org
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      modssl-users@modssl.org
Automated List Manager                            majordomo@modssl.org
[prev in list] [next in list] [prev in thread] [next in thread]