• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1399
  • Last Modified:

SSL Re-negotiation in conjunction with POST method not supported

Hello,

My problem:
Internet Explorer cannot POST with a client certificate unless I turn on "SSLVerifyClient
optional" in the virtual server container, which is not acceptable, because then ALL users
get prompted for a cert, and not all users will have one. (apache 2.0.58)

I have an SSL virtual server with multiple containers (per Location and per Directory).
All of them require Basic SSL Authentication using username & password from my htpasswd
file.

https://www.mydomain.com

The would be prompted for username and password and get in.

Then I tried:

https://www.mydomain.com/clientAuth

which is the <Location /clientAuth> that requires a client certificate using post method then I got this error:

Method Not Allowed
The request method POST is not allowed for the URL /clientAuth/test.do

In my logfile, I see this:

SSL Re-negotiation in conjunction with POST method not supported!\nhint: try SSLOptions +OptRenegotiate


The ONLY workaround I've been able to find to resolve this reliably on all platforms is to
add a "SSLVerifyClient optional" outside of my Location directives and right in the Virtual
Server container. But then here's the problem for me: by doing that, ALL users will first
get prompted for a cert as soon as they go to the main site: https://www.mydomain.com. That's
not acceptable, because only a select number of people will have certs. I don't want non-cert
users to get prompted for a cert. They will have to know to hit 'cancel' so the username/password
dialog will come up next.

Thanks for any help given.
0
chencc77
Asked:
chencc77
1 Solution
 
sleep_furiouslyCommented:
Is is possible for you to upgrade to version 2.2.x?

This bug has been fixed in 2.2, but the fix has not been backported to 2.0.

There is a fair bit of information here:
http://issues.apache.org/bugzilla/show_bug.cgi?id=12355

There is an unofficial patch for 2.0.x attached to that bug report if you are feeling adventurous ...
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Microsoft Windows 7 Basic

This introductory course to Windows 7 environment will teach you about working with the Windows operating system. You will learn about basic functions including start menu; the desktop; managing files, folders, and libraries.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now