Issues with Client Authentication

on 06.08.2002 21:11:40 by Mary Peterson

We are having issues with the SSLVerifyClient require option enabled.
Users are sometimes (more frequently as user levels increase) receiving
'page cannot be displayed' errors and the error log is showing:

[Fri Aug 02 11:56:48 2002] [error] mod_ssl: SSL handshake failed
(server www.xxxxxxxx.org:443, client xxx.xxx.xxx) (OpenSSL library error
follows)
[Fri Aug 02 11:56:48 2002] [error] OpenSSL: error:140890C7:SSL
routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
[Hint: No CAs known to server for verification?]

But other times their authentication works fine. They also determined
that when the SSLVerifyClient require option was disabled,
performance and response time improved dramatically. Does this have
anything to do with the SSLSessionCacheTimeout 300 variable or the
SSLVerifyDepth 10? I don't know why our depth is set to 10 when we
just have a root and subordinate CA cert in our chain. Should this be
changed to 2 and would this have anything to do with the error and
performance mentioned above?

I would appreciate any suggestions to resolve this issue. Thanks!

______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org
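
To check the report that failures grow with load, the paired mod_ssl/OpenSSL error entries quoted in the post can be tallied per minute and per client. This is an added example, not part of the original post; the sample log lines, host name, client addresses and the second error entry are constructed, and it assumes each entry sits on one line, as Apache writes it.

```python
import re
from collections import Counter
from datetime import datetime

# Constructed sample in the two-entry format quoted in the post
# (placeholder host and client addresses; one entry per line).
SAMPLE_LOG = """\
[Fri Aug 02 11:56:48 2002] [error] mod_ssl: SSL handshake failed (server www.example.org:443, client 192.0.2.10) (OpenSSL library error follows)
[Fri Aug 02 11:56:48 2002] [error] OpenSSL: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate [Hint: No CAs known to server for verification?]
[Fri Aug 02 11:56:51 2002] [error] mod_ssl: SSL handshake failed (server www.example.org:443, client 192.0.2.11) (OpenSSL library error follows)
[Fri Aug 02 11:56:51 2002] [error] OpenSSL: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate [Hint: No CAs known to server for verification?]
[Fri Aug 02 11:57:03 2002] [error] mod_ssl: SSL handshake failed (server www.example.org:443, client 192.0.2.10) (OpenSSL library error follows)
[Fri Aug 02 11:57:03 2002] [error] OpenSSL: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
[Fri Aug 02 11:57:30 2002] [error] mod_ssl: SSL handshake failed (server www.example.org:443, client 192.0.2.10) (OpenSSL library error follows)
[Fri Aug 02 11:57:30 2002] [error] OpenSSL: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate [Hint: No CAs known to server for verification?]
"""

STAMP = r"\[(?P<ts>\w{3} \w{3} \d{2} \d{2}:\d{2}:\d{2} \d{4})\] \[error\] "
FAILED = re.compile(
    STAMP + r"mod_ssl: SSL handshake failed "
    r"\(server (?P<server>[^,]+), client (?P<client>[^)]+)\)")
OPENSSL = re.compile(STAMP + r"OpenSSL: error:(?P<code>[0-9A-Fa-f]{8}):")
NO_CLIENT_CERT = "140890C7"  # error code from the log excerpt in the post


def tally_missing_cert(log_text):
    """Count 'peer did not return a certificate' failures per minute and per client."""
    per_minute, per_client = Counter(), Counter()
    pending = None  # last "handshake failed" entry still waiting for its OpenSSL entry
    for line in log_text.splitlines():
        failed = FAILED.match(line)
        if failed:
            pending = failed
            continue
        detail = OPENSSL.match(line)
        if detail and pending is not None and detail["code"].upper() == NO_CLIENT_CERT:
            ts = datetime.strptime(pending["ts"], "%a %b %d %H:%M:%S %Y")
            per_minute[ts.strftime("%Y-%m-%d %H:%M")] += 1
            per_client[pending["client"]] += 1
        pending = None  # any other entry ends the pair
    return per_minute, per_client


if __name__ == "__main__":
    minutes, clients = tally_missing_cert(SAMPLE_LOG)
    for minute, count in sorted(minutes.items()):
        print(minute, count)
    for client, count in clients.most_common():
        print(client, count)
```

Comparing the per-minute counts with request volume from the access log shows whether the failures track load or cluster on particular clients.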