Red Hat Bugzilla – Bug 220201
problem between switch on ports with no certificate required to a port with certificate required
Last modified: 2007-11-16 20:14:55 EST
Description of problem:
There is a error on mod_ssl module.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1.make a site running on 443 port with no certificate required with a link to
the same host with a port 8443. The port 8443 should request the client certificate.
2.your server should accept certificates from a ca (on my case from a internal
3.access the site (simple site is attached)
The browser say This page cannot be displied and the apache server logged No
acceptable peer certificate available.
the LogLevel of the webserver was set with debug.
i put the ssl_error_log on attachment.
when click on link to url:port with certificate required, the server should
requeste a certificate and browser should request to user choose the certified
when select the certificate and send it, the second site should be open on screen.
The error occurs only if the actual url is equal, changing only the port number.
On tests, the site was url https://blabla.com.br (with no certificate required)
and the link to https://blabla.com.br:8443 (with certificate required).
ps: on screen with a error (This page cannot be displied) if you copy the url
and past on other window browser the certificate is requested and you can access
The error seems ocurr only on IE (6 e 7 was tested), but with Firefox the
application (on WebSphere) cannot receive data from certificate.
Created attachment 144015 [details]
ssl.conf ssl_erro_log and test sites
Thanks for the report. To be clear, is Firefox working exactly as expected, the
browser is supplying the requested certificate when connected to the :8443 vhost?
There is a misconfiguration here though I'm not sure it it makes any difference.
Inside the vhost blocks, the servernames:
should have the ":port" appended (:443 and :8443 appropriately).
There is no attempt to renegotiate logged which is odd.
In the :8443 vhost, if you nest the
does that make a difference?
Hi Orton, thanks for help.
Using your sugestion i solve the problem.
I just add the port number on ServerName.
(ServerName xxxxxxxxxxxxxxx.gov.br:443 and
The bug can be closed.
Thanks for letting us know.