Hi
everyone.
I have a problem with Pound for days,still not
solved.
I configure Pound to ask for client
certiificae,
my pound configure file is below:
LogLevel 2
Alive 30
ListenHTTPS
Address 192.168.11.8
Port
443
xHTTP 0
WebDAV 0
Client 1
Change30x 1
Cert
"/ws/Pound-2.0.1/me.pem"
CAlist
"/ws/Pound-2.0.1/fjroot.pem"
#VerifyList
"/ws/Pound-2.0.1/fjca.pem"
ClientCert 2 2
NoHTTPS11 2
Ciphers
"ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL"
Service
# URL ".*"
BackEnd
Address
192.168.11.3
Port
80
Priority
1
End
Session
Type
IP
TTL
300
End
End
End
when client -IE ,chose the certificate in certificate
selection dialog,
we can now see this line in Pound logfile
BIO_do_handshake with 192.168.1.35
failed:
error:140890B2:SSLroutines:SSL3_GET_CLIENT_CERTIFICATE:no
certificate
returned
where ClientCert 2 2 change to Client 0 2
,ask no certificate ,everything is OK.
any suggestion ?
openssl is openssl 0.9.8a
Thank!
WANG
2006.2.17