https://issues.apache.org/bugzilla/show_bug.cgi?id=46950
--- Comment #9 from Mark Thomas <ma...@apache.org> 2009-05-27 06:08:48 PST --- The proposed patch does not work exactly as intended. It does not trigger renegotiation, rather it sets SSLVerifyClient for the all future SSL sessions created by that request processor. The side effects of this are: - cert still not prompted for when transitioning from resource that doesn't require cert to one that does - subsequent SSL requests handled by that processor will prompt for a cert, even when not required. As per comment #7, a fix for this that aligns the APR/native connector behaviour with the Java connectors will require a change to the native component of the native connector (to enable the connection to be renegotiated for the current connection). -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
