Handshake Issue ?

Handshake Issue ?

am 18.07.2003 21:47:16 von ahmed.nauman

Hi all,

i am Using Apache/1.3.27 Server with mod ssl. I have following question and
i will highly appreciate if someone of you can spare some time for the
answers.

1- I have specified a SSLCACertificateFile directive and have also required
for client authentication. When i try to access that directory through
Internet Explorer, it does not ask me which client certificate to select but
displays a message that i am accessing private item, then asks for user name
and password and then shows Server Certificate Message - if i select YES
then it displays the contents. As it is displaying the contents i am
assuming that everything went fine. BUT why i am not getting selection of
client certificates - i have three different certs installed for client.

2- How can i mention more than 1 CAs as trusted CAs in httpd.conf file ?

The log shows following
[18/Jul/2003 15:43:16 22122] [info] Connection to child 0 established
(server cddfs1.nj.ssmb.com:8443, client 168.109.64.190)
[18/Jul/2003 15:43:16 22123] [info] Seeding PRNG with 1160 bytes of entropy
[18/Jul/2003 15:43:16 22122] [info] Seeding PRNG with 1160 bytes of entropy
[18/Jul/2003 15:43:16 22122] [info] Connection: Client IP: 168.109.64.190,
Protocol: SSLv3, Cipher: RC4-MD5 (128/128 bits)
[18/Jul/2003 15:43:16 22122] [info] Initial (No.1) HTTPS request received
for child 0 (server cddfs1.nj.ssmb.com:8443)
[18/Jul/2003 15:43:16 22122] [info] Connection to child 0 closed with
unclean shutdown (server cddfs1.nj.ssmb.com:8443, client 168.109.64.190)
[18/Jul/2003 15:43:16 22123] [info] Connection: Client IP: 168.109.64.190,
Protocol: SSLv3, Cipher: RC4-MD5 (128/128 bits)
[18/Jul/2003 15:43:16 22123] [info] Initial (No.1) HTTPS request received
for child 1 (server cddfs1.nj.ssmb.com:8443)
[18/Jul/2003 15:43:16 22123] [info] Connection to child 1 closed with
unclean shutdown (server cddfs1.nj.ssmb.com:8443, client 168.109.64.190)

i don't see any SSL handshake or verification for this transaction ? Any
help will be highly appreciated.

Regards,
Nauman


-----Original Message-----
From: Shaun T. Erickson [mailto:ste@ste-land.com]
Sent: Friday, July 18, 2003 1:40 PM
To: modssl-users@modssl.org
Subject: Re: [ANNOUNCE] mod_ssl 2.8.15 for Apache 1.3.28


Ihor Bilyy wrote:

> fix the link

Where are your manners? Say please next time.

-ste


____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org