[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [iaik-ssl] Unknown error situation

Oliver Floericke wrote:

> But now I receive during session negotiating the following message on the
> client side when I use the debug option:
> [...]
> received Certificate...
> received Certificate_request...
> ....
> send SSLCertficate
> send ClientClient KeyExchange
> send CertificateVerify
> send change_cipher_spec
> send finished
> Handshaker Alert!       <====== :-(
> Alert Fatal: bad certificate  <====== :-(
> ....
> Who triggers this message? Is it due to a message from the server meaning
> the servert does not accept the client cert or is it done by the client due
> to some other failure?

The Handshake alert is coming from the server.  When the server sends the certificate request, part of that
request is the list of Certificate Authorities that it will accept back from the client.  Have you configured
your server to accept client certificates which have been signed by the CA you created with OpenSSL?


Mailinglist-archive at http://jcewww.iaik.tu-graz.ac.at/mailarchive/iaik-ssl/maillist.html

To unsubscribe send an email to listserv@iaik.tu-graz.ac.at with the folowing content: UNSUBSCRIBE iaik-ssl