[CentOS] Re: self signed ssl cert on C5

Thu Oct 25 19:47:13 UTC 2007
Paul Heinlein <heinlein at madboa.com>

On Thu, 25 Oct 2007, Tom Diehl wrote:

> Ok, So I changed the Makefile from localhost to match the actual 
> hostname of the machine. I then ran "make testcert" as suggested 
> above and answered the questions as appropriate. It then generated 
> the cert without errors. I then modified ssl.conf to point to the 
> .key file and the .crt file, restarted apache.
>
> Everything looked OK in the logs. I then pointed a browser at the 
> machine and I got the following errors in the ssl error log:
>
> [Thu Oct 25 14:31:25 2007] [debug] ssl_engine_kernel.c(1770): OpenSSL: Write: 
> SSLv3 read client certificate B
> [Thu Oct 25 14:31:25 2007] [debug] ssl_engine_kernel.c(1789): OpenSSL: Exit: 
> error in SSLv3 read client certificate B
> [Thu Oct 25 14:31:25 2007] [debug] ssl_engine_kernel.c(1789): OpenSSL: Exit: 
> error in SSLv3 read client certificate B

Is SELinux enabled? Does your cert have the correct security context 
type (probably httpd_config_t)?

-- 
Paul Heinlein <> heinlein at madboa.com <> http://www.madboa.com/