Etsi tuesta

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Lue lisää

Cannot use our self signed client certificates

  • 2 vastausta
  • 1 henkilöllä on sama ongelma
  • 1 näyttö
  • Viimeisin kirjoittaja Fabien H. Dumay

more options

In order to monitor our application at client sites, we have added a monitoring page (using apache). To prevent preying eyes, we require clients to identify them selves using a client certificate. This used to work until a few weeks ago, but now we are having problems using firefox. It keeps stating a SSL_ERROR_HANDSHAKE_FAILURE_ALERT error, and we cannot accessing the pages.

I have already added our Root CA and intermediate CA (used to sign the client certs) in both firefox and the windows certificate store, But the problem is not yet resolved.

The subdomain is protected with a an Organization Validated certficate from an official CA authority. Apparently we are missing something, but i can't see what is causing this issue.

If i disable the requirement for a client certificate, the site is accessible, but that is not really an option here.

In order to monitor our application at client sites, we have added a monitoring page (using apache). To prevent preying eyes, we require clients to identify them selves using a client certificate. This used to work until a few weeks ago, but now we are having problems using firefox. It keeps stating a SSL_ERROR_HANDSHAKE_FAILURE_ALERT error, and we cannot accessing the pages. I have already added our Root CA and intermediate CA (used to sign the client certs) in both firefox and the windows certificate store, But the problem is not yet resolved. The subdomain is protected with a an Organization Validated certficate from an official CA authority. Apparently we are missing something, but i can't see what is causing this issue. If i disable the requirement for a client certificate, the site is accessible, but that is not really an option here.

Kaikki vastaukset (2)

more options

Hi Fabien:

Do you follow the instructions in the followin article to enable Windows certificate store?

Please let us know.

Cheers! ...Roland

more options

Hi Roland,

Thanks for responding to my query. I have tried that solution (both 'on' and 'off') but that did not change the outcome.

Regards,

Fabien H. Dumay