Apache SSL error: Re-negotiation handshake failed: Not accepted by client?
Ok, that is weird. I found this topic, where somebody had a problem when a certificate was not imported. I checked it and it was my case as well. The certificate disappeared from my chrome.
Related videos on Youtube
Leos Literak
Java enthusiast (since 1996), author of www.abclinuxu.cz website (aka stackexchange for czech/slovak linux users), solution architect, developer ..
Updated on September 18, 2022Comments
-
Leos Literak over 1 year
I protect my wordpress administration by a client certificate. I had a trouble in march after upgrading from Wheezy to Jessie but it has been solved and everything ran well until my letsencrypt certificate expired.
I ran a letsencrypt client and it modified apache configuration files as well. The client certificate protected path stopped working on SSL error. Unfortunately I do not have a backup of previous configuration.
I spent few hours but without success. This answer probably explains the fault but I am unable to apply it in my scenerio.
ssl_engine_kernel.c(1908): [client 213.220.230.83:50427] AH02043: SSL virtual host for servername found ssl_engine_kernel.c(1841): [client 213.220.230.83:50427] AH02041: Protocol: TLSv1.2, Cipher: ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits) ssl_engine_kernel.c(1841): [client 213.220.230.83:50428] AH02041: Protocol: TLSv1.2, Cipher: ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits) ssl_engine_kernel.c(243): [client 213.220.230.83:50427] AH02034: Initial (No.1) HTTPS request received for child 2 (server www.literak.cz:443) ssl_engine_kernel.c(591): [client 213.220.230.83:50427] AH02255: Changed client verification type will force renegotiation [client 213.220.230.83:50427] AH02221: Requesting connection re-negotiation ssl_engine_kernel.c(791): [client 213.220.230.83:50427] AH02260: Performing full renegotiation: complete handshake protocol (client does support secure renegotiation) [client 213.220.230.83:50427] AH02226: Awaiting re-negotiation handshake ssl_engine_kernel.c(1908): [client 213.220.230.83:50427] AH02043: SSL virtual host for servername found [client 213.220.230.83:50427] AH02261: Re-negotiation handshake failed: Not accepted by client!?
The configuration:
<IfModule mod_ssl.c> NameVirtualHost 77.93.226.222:80 <VirtualHost 77.93.226.222:443> DocumentRoot /var/www-data/wordpress <Directory /var/www-data/wordpress> Options Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny allow from all </Directory> SSLCACertificateFile /etc/apache2/ssl/leos.pem <Location /wp-admin> SSLVerifyClient require SSLVerifyDepth 1 </Location> CustomLog ${APACHE_LOG_DIR}/access.log combined SSLCertificateFile /etc/letsencrypt/live//fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/privkey.pem Include /etc/letsencrypt/options-ssl-apache.conf </VirtualHost> </IfModule>