There exists a web service built-in PHP and running on Apache that needs client certificate based authentication. The customer that is consuming this particular service is applying some mixture of .Internet technologies.
We have encounter an issue where if our side gripes in regards to a request (for example, tossing an HTTP 400 error) the following request from their store will fail.
What they are seeing:
System.ServiceModel.Security.SecurityNegotiationException: Could not establish secure channel for SSL/TLS with authority 'example.com'. ---> System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel. at System.Net.HttpWebRequest.GetResponse() at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout) --- End of inner exception stack trace --- ...
What we should see within our logs:
[Thu Nov 10 21:51:50 2011] [error] [client 0.0.0.0] insecure SSL re-negotiation required, but a pipelined request is present; keepalive disabled [Thu Nov 10 21:51:50 2011] [error] [client 0.0.0.0] Re-negotiation handshake failed: Not accepted by client!?
Any understanding of the way we could possibly get past this is much appreciated.