SSL client certificate

Problems with the Windows version of XAMPP, questions, comments, and anything related.

SSL client certificate

Postby yn.coder@gmail.com » 12. June 2017 09:57

Hello!

Thank you for great software!

I have in trouble with SSL Client certficate configuration.

I've start XAMPP 3.2.2 on Windows 7, simple installation without any modifications (just only one - set SSL port to 8892, because 443 was busy)

I've use the server key and crt from installation, create the client key and csr with openssl ('xampp\apache\bin\openssl.exe'), register the csr in apache and got client crt (server copy is placed to 'xampp\apache\conf\demoCA\newcerts\01.pem').

Connection to https://localhost:8892 is working.

If I restrict some folder in httpd with '.htaccess' with 'SSLVerifyClient require' - connection is not work (it's right).

When I add client crt to browser - certificate was requested but connection fail with
Code: Select all
SSL_ERROR_UNKNOWN_CA_ALERT


May be I do not configure something?
yn.coder@gmail.com
 
Posts: 2
Joined: 12. June 2017 09:43
XAMPP version: 3.2.2
Operating System: Windows7

Re: SSL client certificate

Postby yn.coder@gmail.com » 12. June 2017 10:15

I was try both with crt and P12 client certificate format - with same result 'SSL_ERROR_UNKNOWN_CA_ALERT'

In error.log I see

[Mon Jun 12 14:07:54.350127 2017] [ssl:error] [pid 6140:tid 1636] [client 127.0.0.1:58068] AH02261: Re-negotiation handshake failed
[Mon Jun 12 14:07:54.350127 2017] [ssl:error] [pid 6140:tid 1636] SSL Library Error: error:140890C7:SSL routines:ssl3_get_client_certificate:peer did not return a certificate -- No CAs known to server for verification?
[Mon Jun 12 14:08:39.809727 2017] [ssl:error] [pid 6140:tid 1636] [client ::1:58073] AH02039: Certificate Verification: Error (20): unable to get local issuer certificate
[Mon Jun 12 14:08:39.832728 2017] [ssl:error] [pid 6140:tid 1636] [client ::1:58073] AH02261: Re-negotiation handshake failed
[Mon Jun 12 14:08:39.832728 2017] [ssl:error] [pid 6140:tid 1636] SSL Library Error: error:14089086:SSL routines:ssl3_get_client_certificate:certificate verify failed
[Mon Jun 12 14:08:45.645061 2017] [ssl:error] [pid 6140:tid 1636] [client ::1:58075] AH02039: Certificate Verification: Error (20): unable to get local issuer certificate
[Mon Jun 12 14:08:45.645061 2017] [ssl:error] [pid 6140:tid 1636] [client ::1:58075] AH02261: Re-negotiation handshake failed
[Mon Jun 12 14:08:45.645061 2017] [ssl:error] [pid 6140:tid 1636] SSL Library Error: error:14089086:SSL routines:ssl3_get_client_certificate:certificate verify failed

yn.coder@gmail.com
 
Posts: 2
Joined: 12. June 2017 09:43
XAMPP version: 3.2.2
Operating System: Windows7


Return to XAMPP for Windows

Who is online

Users browsing this forum: No registered users and 49 guests