My Oracle Support Banner

SSL Client Authentication Fails with Estonian Client Certificates (Doc ID 1342438.1)

Last updated on FEBRUARY 22, 2019

Applies to:

Oracle HTTP Server - Version 10.1.2.0.2 to 10.1.3.5.0 [Release AS10gR2 to AS10gR3]
Information in this document applies to any platform.

Symptoms

openssl x509 -noout -text -in clientcert64.cer
Certificate:
Data:
Version: 3 (0x2)
Serial Number: <Serial Number>
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=<DATA>, O=<DATA>, OU=<DATA>, CN=<DATA>
-SK
Validity
Not Before: Mar 1 15:32:40 2011 GMT
Not After : Apr 7 11:42:17 2012 GMT
Subject: C=<DATA>, O=<DATA>, OU=<DATA>, CN=<DATA>
K, GN=<DATA>
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (2048 bit)
Modulus (2048 bit):
<DATA>
Exponent: <DATA>
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Data Encipherment
X509v3 Extended Key Usage:
TLS Web Client Authentication, E-mail Protection
X509v3 CRL Distribution Points:
URI:<DATA>

X509v3 Subject Alternative Name:
email:<DATA>
X509v3 Certificate Policies:
Policy: 1.3.6.1.4.1.10015.3.1.1.1
User Notice:
Explicit Text: <DATA>
CPS: http:<DATA>

qcStatements:
0
0......F..
X509v3 Authority Key Identifier:
keyid:<DATA>

X509v3 Subject Key Identifier:
<DATA>
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha1WithRSAEncryption
<DATA>
[26-APR-2011 16:53:23:563] nzumalloc: entry
[26-APR-2011 16:53:23:563] nzumalloc: entry
[26-APR-2011 16:53:23:563] nzbsn_set_name: exit
[26-APR-2011 16:53:23:563] nzdksesv_store_enc_private: entry
[26-APR-2011 16:53:23:563] nzdksesv_store_enc_private: B_CreateKeyObject() returned error 524
[26-APR-2011 16:53:23:563] nzdksesv_store_enc_private: exit
[26-APR-2011 16:53:23:563] nzumalloc: entry
[26-APR-2011 16:53:23:563] nzumalloc: entry
[26-APR-2011 16:53:23:565] nzbec_expand_cert: returning error: 28750
[26-APR-2011 16:53:23:565] nzbd2c_DER_to_cert: nzbec_expand_cert() returned error 28750
[26-APR-2011 16:53:23:565] nzbd2c_DER_to_cert: returning error: 28750
[26-APR-2011 16:53:23:565] nzdcfcx_free_cert_ctx: entry
[26-APR-2011 16:53:23:565] nzdcfcx_free_cert_ctx: exit
[26-APR-2011 16:54:38:100] nzddrdi_deinit: entry
[26-APR-2011 16:54:38:100] nzddrdi_deinit: exit
26/Apr/2011 16:53:20 04234] [error] SSL call to NZ function nzosGetPeerCredential failed with error 1 (server server:443, client <IP>)
[26/Apr/2011 16:53:20 04234] [error] Unknown error
[26/Apr/2011 16:53:20 04231] [error] SSL call to NZ function nzosGetPeerCredential failed with error 1 (server server:443, client <IP>)
[26/Apr/2011 16:53:20 04231] [error] Unknown error
[26/Apr/2011 16:53:23 04232] [error] SSL call to NZ function nzosGetPeerCredential failed with error 1 (server server:443, client <IP>)
[26/Apr/2011 16:53:23 04232] [error] Unknown error

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.