Šandor Feldi wrote:
I do get multiple certificate selection dialogs in sequence at SSL
session start...so I have to reselect the same cert, say twice...
I enter the https of the target site, I get asked about the cert - I
select it, then the site displays my info and offers me an>enter
site< button, then it asks me again for the cert... this is was
confuses me... why?
The web site is also something you develop ?
There's a number of pitfall in apache/mod_ssl configuration that will
cause it to throw away the existing user identification info, and ask
again. If that's the kind of configuration you are using it's quite
likely your problem is more such an apache/mod_ssl problem.
https://issues.apache.org/bugzilla/show_bug.cgi?id=48215
https://issues.apache.org/bugzilla/show_bug.cgi?id=48228
https://issues.apache.org/bugzilla/show_bug.cgi?id=47055
https://issues.apache.org/bugzilla/show_bug.cgi?id=44961
You might have a better behavior by making sure you use the latest
apache version update and setting the OptRenegotiate option :
http://httpd.apache.org/docs/2.2/en/mod/mod_ssl.html#ssloptions
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
