httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "D'Arcy J.M. Cain" <da...@Vex.Net>
Subject [users@httpd] New install of Apache not accepting client certs
Date Thu, 17 Apr 2014 23:44:45 GMT
I just upgraded my Apache from 2.4.7 to 2.4.9 and now my clients' cert
give me a "server certificate does NOT include an ID which matches the
server name" error and it serves the system cert instead which fails
because it doesn't match the domain.  Here is an example (sanitized)
entry in my httpd.conf.  Any ideas?  I am reverting to 2.4.7 in the
meantime.

<VirtualHost 256.256.256.256:443>
    ServerName wwws.example.com
    DocumentRoot /u/WEB/user
    ServerAdmin webmaster@vex.net
    SuexecUserGroup user user
 
    Include /VEX/templates/www/httpd-ssl.conf
    SSLCertificateFile /VEX/certs/wwws.example.com.cert
    SSLCertificateKeyFile /etc/certs/wwws.example.com.key
</VirtualHost>
------------------------------------------------------------------------------

/VEX/templates/www/httpd-ssl.conf contains this:

SSLEngine on
 
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
</Files>
 
SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0


-- 
D'Arcy J.M. Cain
System Administrator, Vex.Net
http://www.Vex.Net/ IM:darcy@Vex.Net
VoIP: sip:darcy@Vex.Net

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message