I protect my wordpress administration by a client certificate. I had a trouble in march after upgrading from Wheezy to Jessie but it has been solved and everything ran well until my letsencrypt certificate expired.
I ran a letsencrypt client and it modified apache configuration files as well. The client certificate protected path stopped working on SSL error. Unfortunately I do not have a backup of previous configuration.
I spent few hours but without success. This answer probably explains the fault but I am unable to apply it in my scenerio.
ssl_engine_kernel.c(1908): [client 213.220.230.83:50427] AH02043: SSL virtual host for servername found
ssl_engine_kernel.c(1841): [client 213.220.230.83:50427] AH02041: Protocol: TLSv1.2, Cipher: ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
ssl_engine_kernel.c(1841): [client 213.220.230.83:50428] AH02041: Protocol: TLSv1.2, Cipher: ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
ssl_engine_kernel.c(243): [client 213.220.230.83:50427] AH02034: Initial (No.1) HTTPS request received for child 2 (server www.literak.cz:443)
ssl_engine_kernel.c(591): [client 213.220.230.83:50427] AH02255: Changed client verification type will force renegotiation
[client 213.220.230.83:50427] AH02221: Requesting connection re-negotiation
ssl_engine_kernel.c(791): [client 213.220.230.83:50427] AH02260: Performing full renegotiation: complete handshake protocol (client does support secure renegotiation)
[client 213.220.230.83:50427] AH02226: Awaiting re-negotiation handshake
ssl_engine_kernel.c(1908): [client 213.220.230.83:50427] AH02043: SSL virtual host for servername found
[client 213.220.230.83:50427] AH02261: Re-negotiation handshake failed: Not accepted by client!?
The configuration:
<IfModule mod_ssl.c>
NameVirtualHost 77.93.226.222:80
<VirtualHost 77.93.226.222:443>
DocumentRoot /var/www-data/wordpress
<Directory /var/www-data/wordpress>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
SSLCACertificateFile /etc/apache2/ssl/leos.pem
<Location /wp-admin>
SSLVerifyClient require
SSLVerifyDepth 1
</Location>
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLCertificateFile /etc/letsencrypt/live//fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
Ok, that is weird. I found this topic, where somebody had a problem when a certificate was not imported. I checked it and it was my case as well. The certificate disappeared from my chrome.
Collected from the Internet
Please contact [email protected] to delete if infringement.
Comments