shibboleth-dev - Re: SSL problem......
Subject: Shibboleth Developers
List archive
- From: Elliot Metsger <>
- To:
- Cc:
- Subject: Re: SSL problem......
- Date: Tue, 13 Jul 2004 15:23:06 -0400
wrote:
and the ssl_engine log says this:
[13/Jul/2004 11:01:18 06387] [error] Re-negotiation handshake failed: Not accepted by client!?
[13/Jul/2004 11:01:18 06387] [error] SSL error on writing data (OpenSSL library error follows)
[13/Jul/2004 11:01:18 06387] [error] OpenSSL: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate [Hint: No CAs known to server for verification?]
suggestions?
Try using 'openssl sclient' on the service provider to connect to the identidy provider. its possible that openssl on the SP doesn't trust the signer of your origin's cert, in which case you need to put it in /usr/local/ssl/certs and run /usr/local/ssl/bin/c_rehash on the certs in that directory (substituting /usr/local/ssl for your openssl installation).
Elliot
- SSL problem......, Steven_Carmody, 07/13/2004
- RE: SSL problem......, Scott Cantor, 07/13/2004
- RE: SSL problem......, Steven_Carmody, 07/13/2004
- RE: SSL problem......, Scott Cantor, 07/13/2004
- RE: SSL problem......, Steven_Carmody, 07/13/2004
- Re: SSL problem......, Elliot Metsger, 07/13/2004
- RE: SSL problem......, Scott Cantor, 07/13/2004
- RE: SSL problem......, Scott Cantor, 07/13/2004
Archive powered by MHonArc 2.6.16.