[Help-gnutls] client certificate authentication

Tristan Hill stan at saticed.me.uk
Tue Jan 20 21:47:13 CET 2009

On Mon, 2009-01-19 at 22:07 +0200, Nikos Mavrogiannopoulos wrote:
> Check the server log. The hint is:
> |<4>| REC[89c1dd0]: Expected Packet[2] Handshake(22) with length: 1
> |<4>| REC[89c1dd0]: Received Packet[2] Alert(21) with length: 32

The best I appear to be able to get from apache+mod_ssl indicate:

[Tue Jan 20 20:30:34 2009] [debug] ssl_engine_kernel.c(1770): OpenSSL:
Write: SSLv3 read client hello B
[Tue Jan 20 20:30:34 2009] [debug] ssl_engine_kernel.c(1789): OpenSSL:
Exit: error in SSLv3 read client hello B
[Tue Jan 20 20:30:34 2009] [error] Re-negotiation handshake failed: Not
accepted by client!?

Perhaps the full log is clearer to you?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: apache_error.log
Type: text/x-log
Size: 20404 bytes
Desc: not available
URL: </pipermail/attachments/20090120/8b6a0056/attachment.bin>

More information about the Gnutls-help mailing list