通过身份验证更新主题,我通过SSL执行客户端身份验证 . 看下图:
客户端证书的.p12扩展名已安装并安装在计算机上 .
但仍存在两个问题:
1)不要求证书的密码进行身份验证;
2)错误仍然出现,不显示页面: ERR_BAD_SSL_CLIENT_AUTH_CERT
.
有人能帮我吗?
Apache配置:
<VirtualHost 0.0.0.0:443>
DocumentRoot /var/www/empresa
ServerName empresa
# enable ssl
SSLEngine on
SSLOptions +StdEnvVars
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /var/ssl/ca.empresa.crt
SSLCertificateKeyFile /var/ssl/ca.empresa.key
# this location requires client cert
<Location /webservice>
SSLRequireSSL
SSLRequire %{SSL_CLIENT_S_DN_O} eq "Empresa LDA."
SSLVerifyClient require
SSLVerifyDepth 1
</Location>
</VirtualHost>