• 15

A PHP Error was encountered

Severity: Notice

Message: Undefined index: userid

Filename: views/question.php

Line Number: 191


File: /home/prodcxja/public_html/questions/application/views/question.php
Line: 191
Function: _error_handler

File: /home/prodcxja/public_html/questions/application/controllers/Questions.php
Line: 433
Function: view

File: /home/prodcxja/public_html/questions/index.php
Line: 315
Function: require_once

name Punditsdkoslkdosdkoskdo

Debugging mutual-authentication SSL handshake

I've got a load balancer that is configured for mutual-authentication SSL. As far as I'm aware, the load balancer has been configured with an Entrust certificate, and has been installed with our own CA as a Trusted Root.

Client side, I've got our CA installed as a trusted root and a signed certificate from the CA as a personal cert.

When I connect using Internet Explorer I get prompted to choose a certificate and the client certificate is there but once I select it the page fails.

Connecting with my Java app, with Entrust in my truststore and the client .p12 in my keystore I get SSL handshake failure.

Using OpenSSL I get the following:

openssl s_client -connect xxx.xxx.xxx:443 -state -nbio
Loading 'screen' into random state - done
turning on non blocking io
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL_connect:error in SSLv2/v3 read server hello A
write R BLOCK
SSL_connect:SSLv3 read server hello A
depth=1 /C=US/O=Entrust, Inc./OU=www.entrust.net/rpa is incorporated by reference/OU=(c) 2009 Entrust, Inc./CN=Entrust Certification Authority - L1C
verify error:num=20:unable to get local issuer certificate
verify return:0
SSL_connect:SSLv3 read server certificate A
SSL_connect:SSLv3 read server certificate request A
SSL_connect:SSLv3 read server done A
SSL_connect:SSLv3 write client certificate A
SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL_connect:error in SSLv3 read finished A
SSL_connect:error in SSLv3 read finished A
read R BLOCK
SSL3 alert read:fatal:handshake failure
SSL_connect:failed in SSLv3 read finished A
1688:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:.\ssl\s3_pkt.c:1053:SSL alert number 40
1688:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:.\ssl\s3_pkt.c:838:

Can anyone help with where the problem lies? Is it on the client or server and with which certificate?

Trending Tags