Sandipan Gangopadhyay sandipan at
Sat Mar 10 21:08:36 CET 2001 is part of your web2ldap. Thanks for the great software. The
reason that I asked is this:
1. I have an Apache1.3.9 with Mod_SSL
2. It has a certificate .key and .crt installed. The .crt is signed by a
Root CA, called (say) XXX.
3. On the other hand, I have an MSIE5.5 browser that has a Digital ID
4. This digital ID was generated with Xenroll and signed by the same Root CA

5. When a cgi program on the server is accessed by the client, the following
method of cgissl is returning 1 (server side SSL only). I want it to be 2
(client side as well). I want to find out how...

sec_sslacceptedciphers = [
intLevel = cgissl.SecLevel(sec_sslacceptedciphers, '/.*', '/.*')

I am only interested in ldap_clientdn2binddn = ['CN'] for now.

My OpenSSL is 0.9.4

What I am basically asking is how do I ensure that Apache and IE negotiate
the client cert as well as the server cert in the HTTPS handshake ?

Is the problem because IE is not using the Digital ID at all ?
Is the problem because Apache cant find the Root CA certificate to match the
signer/issuer of the Digital ID ?
Is the regexp failing ?
How do I find out ?

Thanks for your fast response,


----- Original Message -----
From: "Michael Ströder" <michael at>
To: "Sandipan Gangopadhyay" <sandipan at>
Sent: Sunday, March 11, 2001 12:48 AM
Subject: Re: CGISSL

> Sandipan Gangopadhyay wrote:
> >
> > Is the cgissl module documentation available online ?
> Which module do you mean?
> Ciao, Michael.

More information about the Python-list mailing list