Re: Status of Bug # 39243 (solved my problem)

[Kevin <li...@gnosysllc.com>]

After all the discussion, and rereading documentation and config files 
and the bug report several times over, I noticed that my apache server 
config file used the SSLVerifyClient Directive at level "optional" and 
that the documentation states, "In practice only levels 'none' and 
'require' are really interesting, because level 'optional' doesn't work 
with all browsers".  I was also using the SSLVerifyDepth Directive at a 
depth number of 1.

By commenting out these two directives (the default level for the first 
is none), I solved the problem.

When I remarked earlier that client certificates were not involved at 
all, I mistakenly considered only what was going on with the client, 
failing to consider client certificate directives on the server. 
Apologies if I should have thought of that sooner, and thanks for all 
the helpful replies.

Hope this helps some other folks.

-Kevin