>Does your module attempt to force the user to (re)authenticate to it every >time it needs to use the private key? >Does it attempt to do this by (re)entering a read-only state such as >CKS_RO_PUBLIC_SESSION after it performs a private key operation? >If so, that's your problem.
The module enters CKS_RO_USER_FUNCTIONS after a successful login (C_Login) and stays so until (C_Logout) when I put the status of all sessions to CKS_RO_PUBLIC_SESSION. The certificate select dialog happens between two to Signs... - enter site url - C_Login (enter pin) => if OK then CKS_RO_USER_FUNCTIONS - Cert selection dialog - C_SignInit - C_Sign - Enters site, display user info and confirm login button, (then click) - Cert selection dialog (the second one) - C_SignInit - C_Sign - on site.... When testing today, the logons (on that apache site) they were as they should be, no multiple selection of certificates... Also we have set up another similar site on a windows machine with IIS, and there also were no such problems... Therefore it really seems the guys of that site had their apache misconfigured, and now I can tell them so... ...thanks -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
