SSL with client certificate errors
Igor Sysoev
igor at sysoev.ru
Tue Apr 6 12:15:52 MSD 2010
On Tue, Apr 06, 2010 at 08:50:26AM +0200, Anna Malova wrote:
> Igor Sysoev wrote:
> > On Tue, Feb 23, 2010 at 06:35:54PM +0900, Zev Blut wrote:
> >
> >> >>> reset to Firefox and generates this error:
> >> >> 2010/02/23 16:02:19 [crit] 7224#0: *46254 SSL_do_handshake() failed
> >> listen 443;
> >>
> >> ssl on;
> >> ssl_certificate /etc/nginx/ssl/data.crt;
> >> ssl_certificate_key /etc/nginx/ssl/data.key;
> >> ssl_protocols SSLv3 TLSv1;
> >>
> >> # Make sure we verify client side SSL
> >> ssl_verify_client on;
> >> ssl_client_certificate /etc/nginx/ssl/data.pem;
> >> }
> >
> > Could you try the attached patch ?
>
> Hi, Igor! I also have the above problem - nginx is working on Windows
> (currently on my local computer) and hope the patch will help to fix the
> problem. Sorry for the silly question - how to install the patch you
> posted here? As far as I can understand - this module is written on C
> language. I didn't have a deal with C anytime unfortunately :( I am a
> Java developer. And our system administrator is out of office now. Can
> you help me, please?
This bug has been fixed in 0.8.34:
*) Bugfix: if ssl_session_cache was not set or was set to "none", then
during client certificate verify the error "session id context
uninitialized" might occur; the bug had appeared in 0.7.1.
--
Igor Sysoev
http://sysoev.ru/en/
More information about the nginx
mailing list