Why Apache HTTPD does not send the client certificate to the backend server
Issue
- The following error appears in error_log:
Proxy client certificate callback: ($HOSTNAME:443) downstream server wanted client certificate but none are configured
- When trying to configure the Apache HTTP Server to communicate with a DataPower server, the Apache log shows the following:
[Wed Jan 23 14:02:40.938704 2019] [ssl:info] [pid 12135] SSL Library Error: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure (SSL alert number 40)
[Wed Jan 23 14:02:40.938736 2019] [ssl:info] [pid 12135] [remote 999.999.999:9999] AH01998: Connection closed to child 0 with abortive shutdown (server backenddomain:443)
[Wed Jan 23 14:02:40.938931 2019] [ssl:info] [pid 12135] [remote 999.999.999:9999] AH01997: SSL handshake failed: sending 502
[Wed Jan 23 14:02:40.938984 2019] [proxy_http:error] [pid 12135] (103)Software caused connection abort: [client 888.888.888.888:88888] AH01102: error reading status line from remote server remotedomain:2005, referer: https://domain/app
Environment
- Red Hat Enterprise Linux (RHEL)
- Red Hat Software Collections (RHSCL)
- Red Hat Core Services (JBCS)
- Red Hat JBoss Web Server (JWS)
- Apache Web Server (httpd)