logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: Failed to Read Client certificate - 403 forbidden error
Author
rskb4u



Joined: 14 Apr 2014
Posts: 25
Location: India

PostPosted: Fri 05 Sep '14 9:21    Post subject: Failed to Read Client certificate - 403 forbidden error Reply with quote

Hi Forum Members,

we are getting 403 for bidden error when accessing from web clients.

Here are my config files:

httpd.conf & httpd-ssl.conf files:
1)
https://docs.google.com/document/d/1el7PTrHxnJcm9oTw29H7NXarBMfclGXiVUS6avtQdYw/

2)
https://docs.google.com/document/d/1K35jpheRzbziofilExxHjcTbXCUYMRXmxxG49Cy4Qnk/

Please suggest if we have to make any changes in our configuration files.

Many thanks,
Shiva Rudra
Back to top
maba



Joined: 05 Feb 2012
Posts: 64
Location: Germany, Heilbronn

PostPosted: Sun 07 Sep '14 22:24    Post subject: Reply with quote

Hello,

you are making it somewhat hard for your potential helpers if you include the config files this way. Anyway, I checked through the files.

Finding: you are requiring SSL client authentication. This means that any client that does not present a valid client certificate to your web server, will receive the error 403.

This is in the httpd-ssl config file:
Code:

<Location />
...
</Location>


I would build up the httpd-ssl config file step by step.
    Step 1:
    get standard ssl file delivery working
    Comment out all the client SSL certificate stuff and do not proxy anything. Place an index.html file into your SSL document root. Check whether you can fetch this using https.

    Step 2:
    add the proxy portion. Now check whether you can browse to the server and whether you receive the data from the proxy host.

    Step 3:
    add the client certificates back in if you really mean that. I haven't seen to many web sites which require client SSL certificates when acting as a reverse proxy.
Back to top


Reply to topic   Topic: Failed to Read Client certificate - 403 forbidden error View previous topic :: View next topic
Post new topic   Forum Index -> Apache