Project

General

Profile

Bug #2093

ssl client auth doesn't work... (in 1.4.24)

Added by leblos almost 11 years ago. Updated about 4 years ago.

Status:
Fixed
Priority:
Normal
Category:
TLS
Target version:
-
ASK QUESTIONS IN Forums:

Description

Beim Versuch die SSL ClientCert Validation in 1.4.24 zu verwenden meldet der Error-Log immer:
I'm trying to use SSL ClientCert Validation in 1.4.24 and get the following errors in the log:

2009-11-02 20:13:16: (connections.c.292) SSL: 1 error:0D0C50A1:asn1 encoding routines:ASN1_item_verify:unknown message digest algorithm 
2009-11-02 20:13:16: (connections.c.292) SSL: 1 error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned 

auf dem gleichen Rechner (also auch gleiche Version von OpenSSL/libssl (0.9.8k) nicht auf.
Ein Test mit openssl s_client bringt folgenden Fehler:
Testing with the same certs on the same host with apache doesn't produce such errors.
Testing with openssl s_client give this:

SSL_connect:SSLv3 read server certificate A
SSL_connect:SSLv3 read server certificate request A
SSL_connect:SSLv3 read server done A
SSL_connect:SSLv3 write client certificate A
SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write certificate verify A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL3 alert read:fatal:decrypt error
SSL_connect:failed in SSLv3 read finished A
7395:error:1409441B:SSL routines:SSL3_READ_BYTES:tlsv1 alert decrypt error:s3_pkt.c:1053:SSL alert number 51
7395:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:

Systemdaten:
Debian Lenny,
lighttpd 1.4.24
openssl/libssl 0.9.8k-5


Related issues

Related to Feature #1288: SSL Client Certificate validation.FixedActions
#1

Updated by leblos almost 11 years ago

Neueste Version aus dem svn zeigt auch das gleiche Problem.

#2

Updated by stbuehler over 10 years ago

This is not a german bugtracker.

#3

Updated by stbuehler over 10 years ago

  • Subject changed from ssl client auth schlägt fehl... (in 1.4.24) to ssl client auth doesn't work... (in 1.4.24)
#4

Updated by leblos over 10 years ago

Oops... I am sorry, i didn't realise that the bugs are only in english.
Thank you very much for updating/translating!

#5

Updated by leblos over 10 years ago

If possible, you can delete the german text completely - i can't.

#6

Updated by gstrauss over 4 years ago

  • Category set to TLS
#7

Updated by gstrauss about 4 years ago

  • Related to Feature #1288: SSL Client Certificate validation. added
#8

Updated by gstrauss about 4 years ago

  • Status changed from New to Fixed
  • Target version set to 1.4.x
#9

Updated by stbuehler about 4 years ago

  • Target version deleted (1.4.x)

Also available in: Atom