Opened 10 years ago
Closed 10 years ago
#5 closed defect (fixed)
Client-side certificates not recognzied
| Reported by: | Daniel Kahn Gillmor | Owned by: | Daniel Kahn Gillmor |
|---|---|---|---|
| Priority: | major | Component: | code |
| Version: | 5.10 | Keywords: | client-certificates |
| Cc: |
Description
imported from mantis, at 2011-10-02 macrotex wrote:
I have this configuration in Apache:
<VirtualHost example.com:443>
GnuTLSEnable On
GnuTLSPriorities NORMAL:!DHE-RSA:!DHE-DSS:!AES-256-CBC:%COMPAT
GnuTLSCertificateFile /etc/ssl/certs/mdm-dev1-gnutls.pem
GnuTLSKeyFile /etc/ssl/private/myserver-dev1.key
# Client certs CA chain
GnuTLSClientCAFile /etc/ssl/certs/ca-chain.pem
GnuTLSExportCertificates On
GnuTLSClientVerify ignore
<LocationMatch /device.*/checkin>
GnuTLSClientVerify require
</LocationMatch>
</VirtualHost>
I have a client going to this URL and submitting a client certificate (I know it does as I have tested this with mod_ssl and the client certificate gets passed). However, with mod_gnutls no certificate seems to get passed. In particular, the SSL_CLIENT_S_DN environment variable is empty.
Change History (2)
comment:1 Changed 10 years ago by
| Keywords: | needs-test added |
|---|
comment:2 Changed 10 years ago by
| Keywords: | needs-test removed |
|---|---|
| Resolution: | → fixed |
| Status: | new → closed |
This has a test now, introduced in two parts.
it will be resolved in the next release.
Note: See
TracTickets for help on using
tickets.
dash wrote: