ssl renegotiation in post not allowed?

ssl renegotiation in post not allowed?

am 04.12.2002 22:45:34 von Alejandro Dobniewski

Hello:
I'm having a problem using client authentication with POST method. I
have an Apache 2.0.43, server side SSL works fine. The browser is an
internet explorer 6.0. When I requiere client side authentication I can't
POST any data. The error log follows:
[Wed Dec 04 15:27:09 2002] [notice] Apache/2.0.43 (Unix) mod_ssl/2.0.43
OpenSSL/0.9.6g mod_jk2/2.0.0 configured -- resuming normal operations
[Wed Dec 04 15:28:26 2002] [error] Re-negotiation handshake failed: Not
accepted by client!?
[Wed Dec 04 15:28:26 2002] [error] Spurious SSL handshake interrupt [Hint:
Usually just one of those OpenSSL confusions!?]
[Wed Dec 04 15:29:03 2002] [error] SSL Re-negotiation in conjunction with
POST method not supported!
hint: try SSLOptions +OptRenegotiate
[Wed Dec 04 15:29:07 2002] [error] SSL Re-negotiation in conjunction with
POST method not supported!
hint: try SSLOptions +OptRenegotiate
[Wed Dec 04 15:29:10 2002] [error] SSL Re-negotiation in conjunction with
POST method not supported!
hint: try SSLOptions +OptRenegotiate
[Wed Dec 04 15:58:30 2002] [notice] caught SIGTERM, shutting down

Of course we tried +OptRenegotiate but the problem persist. In Apache
changelog this lists as fixed as of version 2.0.37. I have searched the
mailing list archives and internet and found similar problems but can't find
an answer.

I need to get this working as soon as posible.
Thanks in advance.

Alejandro Dobniewski
Siemens Itron Business Services S.A.
Desarrollo


____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: ssl renegotiation in post not allowed?

am 05.12.2002 22:33:53 von Marcin

You wrote:

> I'm having a problem using client authentication with POST method. I
> have an Apache 2.0.43, server side SSL works fine. The browser is an

Hi Alejandro,
I came across the same problem. I had to upgrade Apache from 1.3.27 (this
version just kills the MSIE on Windows XP) to 2.0.43. I tried the Debian
package first, than I built Apache from scratch, and finally I built the
latest sources from CVS with SSL EXPERIMENTAL flag -- but all without luck.
I found the following bug in Apache bugzilla:
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=12355 (bug #12355)
which describes exactly the same behaviour we noticed,
and voted for it, but it still has a Status: NEW and nobody seemed to take
care of it.

> I need to get this working as soon as posible.
So do I.

Please, share your solution if you find some.

--
Marcin

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org