4 Replies Latest reply on Nov 19, 2012 7:54 AM by daisy

    How to access REST services when SSLVerifyClient is set to require?

    daisy

      I've configured Apache to use client certificates (SSLVerifyClient require) signed by our local CA (SSLCACertificateFile ..) and I created an authentication plugin for Jive.

      Logging on using the certificate works.

       

      However, all integrations from other applications are now broken.

      For example, we have an application written in C which uses the Create Document REST service (https://<myapp>/api/core/v2/my/private/documents) and it no longer works and throws an exception:

      "error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure"

      I imagine the request is being rejected by Apache due to the 'SSLVerifyClient require' directive.

       

      My current hack solution is to set SSLVerifyClient to 'optional' and re-write the logon.ftl theme to a 1-liner page stating: "Access Restricted".

       

      What's a better way to fix this problem?