I am trying to implement in Apache PKI authentication with digital certificates stored on the token / smart card.
I'm using XAMPP 5.6.8.0-VC11 on a Windows 7 computer.
Following what I discovered by searching the internet, I uncommented the following settings for the httpd-ssl.conf
file in the Apache settings:
SSLVerifyClient require
SSLVerifyDepth 10
From there, by going to the link , the browser (IE 11, Chrome 43 and FF 38) displays the digital certificate selection screen (use a e-CPF in the ICP-Brazil standard, stored in token) and requests the password.
After entering the password and pressing ENTER , the behavior in browsers is as follows:
In IE, I get a page with the message:
This page can not be displayed.
In FF, it loads the page indefinitely.
In Chrome, the message is displayed:
Certificate-based authentication failed ERR_BAD_SSL_CLIENT_AUTH_CERT
and clicking "details" appears:
This server requires an authentication certificate and did not accept the which was sent by the browser. Your certificate may have expired or the server does not trust the sender of it. Please try again with a certificate, if you have one, or you will need to obtain a certificate valid from elsewhere.
I have tested several additional settings that I found on the internet, but nothing works. I have also changed the Windows Internet Options for SSL and TSL, also if successful.
I would like to find out how to implement digital certificate authentication for a more secure login system that is in development.
Has anyone had it or do you know how to solve it?