SSL with client certificate errors

Igor Sysoev igor at sysoev.ru
Tue Apr 6 12:15:52 MSD 2010


On Tue, Apr 06, 2010 at 08:50:26AM +0200, Anna Malova wrote:

> Igor Sysoev wrote:
> > On Tue, Feb 23, 2010 at 06:35:54PM +0900, Zev Blut wrote:
> > 
> >> >>> reset to Firefox and generates this error:
> >> >> 2010/02/23 16:02:19 [crit] 7224#0: *46254 SSL_do_handshake() failed
> >>          listen 443;
> >> 
> >>          ssl                  on;
> >>          ssl_certificate      /etc/nginx/ssl/data.crt;
> >>          ssl_certificate_key  /etc/nginx/ssl/data.key;
> >>          ssl_protocols SSLv3 TLSv1;
> >> 
> >>          # Make sure we verify client side SSL
> >>          ssl_verify_client on;
> >>          ssl_client_certificate /etc/nginx/ssl/data.pem;
> >>     }
> > 
> > Could you try the attached patch ?
> 
> Hi, Igor! I also have the above problem - nginx is working on Windows 
> (currently on my local computer) and hope the patch will help to fix the 
> problem. Sorry for the silly question - how to install the patch you 
> posted here? As far as I can understand - this module is written on C 
> language. I didn't have a deal with C anytime unfortunately :( I am a 
> Java developer. And our system administrator is out of office now. Can 
> you help me, please?

This bug has been fixed in 0.8.34:

    *) Bugfix: if ssl_session_cache was not set or was set to "none", then 
       during client certificate verify the error "session id context 
       uninitialized" might occur; the bug had appeared in 0.7.1.


-- 
Igor Sysoev
http://sysoev.ru/en/



More information about the nginx mailing list