apache/php not getting client certificates

Asked Jun 25 '19 at 14:06

Active Jun 25 '19 at 14:06

Viewed 183 times

We wanted to use client certificates in browsers for some of our users for machine identification. I set up a CA and and signed a client certificate which I installed in chrome.

Then I set the following in apache:
SSLCACertificateFile /etc/ssl/certs/artisanCA-crt.pem
SSLVerifyClient optional
SSLVerifyDepth 1
SSLOptions +StdEnvVars

On our test server this worked perfectly. chrome asked to use the client cert and the client cert details were available in php.

When I moved the CA and the settings over to our production server, this didn't work. Chrome didn't ask about the certificate and php didn't get any of the client cert details. The only difference that I can think of between the 2 servers is that on the test server we're using a self-signed cert.

Any ideas?

asked Jun 25 '19 at 14:06

Hillel Millman

1

Did you restart Apache? – Michael Hampton Jun 25 '19 at 14:52
yes I did restart apache. Maybe the CN of the certificate authority has something to do with it? Are there any naming rules for the CN in a CA? – Hillel Millman Jun 26 '19 at 06:48

apache/php not getting client certificates

0 Answers0