httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stephen Collyer <>
Subject Re: [users@httpd] SSLVerifyClient, per directory access, POST and renegotiation failed
Date Sat, 18 Feb 2006 09:49:01 GMT
Pierre Couderc wrote:
> I want to give an access to users  controlled by client certificates on 
> a per directory basis.
> It seems that there is a recurrent bug in mod_ssl the traces of which I 
> have found on the WEB and in  apache bugzilla, which has for result to  
> give an error  with a bad answer  to the browser and a "renegotiation 
> failed" in the logs.
> My question is, is there an uptodate synthetic howto describing how to 
> do that?
> Else, did someone success doing an access by client certificates,  with 
> some directories where the certificate is not required, and using POSTs?

I'm not sure what problem you're seeing, but it sounds suspiciously
like an extant POST-with-client-certificate bug that I ran into

It seems that anything in Apache2 less recent than Apache
2.2 can't handle POSTs together with client certs under some
circumstances (though there is a patch that should fix the problem
for earlier versions). I believe that there was no such problem
with Apache 1.3.x though I haven't tested it.

I've had client certs and POST working without problem with 2.2
so if you can upgrade to that, it's probably the quickest fix.

If you look back a few weeks in the archives for this list you'll
see a thread where Joe Orton posts a reference for the patch for
Apache 2.0.x, should you need to stick with that.


Stephen Collyer
Netspinner Ltd

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message