http://issues.apache.org/bugzilla/show_bug.cgi?id=38553





------- Additional Comments From [EMAIL PROTECTED]  2006-04-25 09:37 -------
A request that has no certificates at all is not necessarily a bad request.

When establishing an SSL connection, the server sends its certificate to the 
client.
This includes the certificates of the CAs which are trusted by the server.

The client only answers with certificates that are signed by one of the trusted
CAs (directly or chained).

When the client sends no certificate, it means that he has no matching
certificate. This is an authentication issue and has nothing to do with the
request syntax.

RFC 2616 says for 400 Bad Request:
"The request could not be understood by the server due to malformed
syntax."

As I stated before, a request that has no certificates attached (because there
were none in the browser keystore) is not malformed. This behavior is specified
in the SSL RFC 2264:

"7.4.6. Client certificate
(...) If no suitable certificate is
available, the client should send a certificate message
containing no certificates. (...)"

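The distinction drawn in the comment above, between a well-formed Certificate message that carries no certificates and a message that is actually malformed, can be checked at the byte level. The following is an added example, not part of the original comment or of any Apache code; it assumes the TLS 1.0 to 1.2 handshake encoding (type 11, 24-bit lengths), and all function names and sample bytes are constructed for illustration.

```python
HANDSHAKE_CERTIFICATE = 11  # msg_type of Certificate in TLS 1.0-1.2 (assumed wire format)

class MalformedMessage(ValueError):
    """The bytes do not form a valid Certificate handshake message."""

def _u24(buf: bytes, off: int) -> int:
    # TLS encodes these lengths as 24-bit big-endian integers.
    if off + 3 > len(buf):
        raise MalformedMessage("truncated 24-bit length")
    return int.from_bytes(buf[off:off + 3], "big")

def parse_certificate_message(msg: bytes) -> list:
    """Return the DER blobs in the message; [] for a valid empty list."""
    if len(msg) < 4 or msg[0] != HANDSHAKE_CERTIFICATE:
        raise MalformedMessage("not a Certificate handshake message")
    body = msg[4:]
    if len(body) != _u24(msg, 1):
        raise MalformedMessage("handshake length mismatch")
    if _u24(body, 0) != len(body) - 3:
        raise MalformedMessage("certificate_list length mismatch")
    certs, off = [], 3
    while off < len(body):
        n = _u24(body, off)
        off += 3
        # Each entry must be non-empty and fit inside the list.
        if n == 0 or off + n > len(body):
            raise MalformedMessage("bad certificate entry length")
        certs.append(body[off:off + n])
        off += n
    return certs

def classify(msg: bytes) -> str:
    """Separate a syntax problem from the 'no suitable certificate' case."""
    try:
        certs = parse_certificate_message(msg)
    except MalformedMessage:
        return "malformed"
    return "certificate-presented" if certs else "no-client-certificate"

# Constructed sample messages (not captured traffic).
EMPTY = bytes.fromhex("0b000003000000")          # valid, zero certificates
FAKE_CERT = bytes.fromhex("3003020101")          # placeholder bytes, not a real cert
ONE_CERT = bytes.fromhex("0b00000b000008000005") + FAKE_CERT
TRUNCATED = bytes.fromhex("0b0000030000")        # body shorter than declared

if __name__ == "__main__":
    for name, m in [("EMPTY", EMPTY), ("ONE_CERT", ONE_CERT), ("TRUNCATED", TRUNCATED)]:
        print(name, classify(m))
```
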