httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "DEVAL SHAH" <deva...@hotmail.com>
Subject [users@httpd] Apache gives SSL Library error complaining about common name - Help
Date Tue, 23 Jan 2007 01:20:37 GMT
Hello,
I have posted this question earlier but got no response. I am stating it 
again. Please help with some ideas.
I have a certificate installed for my domain from Thawte. Now if anyone 
tries to access the webpage using a browser it works perfect.
One of our clients has a proxy server. When they access to our website using 
their proxy they cannot access it. They get 500 Internal Server Error. Our 
logs indicates the following error:

[debug] ssl_engine_kernel.c(1762): OpenSSL: Read: SSLv3 read client 
certificate A
[debug] ssl_engine_kernel.c(1781): OpenSSL: Exit: failed in SSLv3 read 
client certificate A
SSL library error 1 in handshake (server abc.com:443)
SSL Library Error: 336151570 error:14094412:SSL 
routines:SSL3_READ_BYTES:sslv3 alert bad certificate Subject CN in 
certificate not server name or identical to CA!?
Connection closed to child 1 with abortive shutdown (server abc.com:443)

Now according to them they are doing everything perfect as they can access 
another of our SSL server perfectly well. What am I missing - I am sure our 
SSL certificate is valid as browser does not give any error.
I am not using Client certificate authentication as I have SSLVerifyClient 
none

Any help is appreciated.

Thanks
Deval



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message