Hi,
I configured mod_ssl for requiring a user certificate in a location.
Every time I access an URL in this location I am asked for a certificate
(good !)
Every sublevel asks again for a certificate , all the time :-(
Is there a way to create an "authenticated user session" after the first
handshake ?
I thought the mm shm was allowing a sort of single sign-on. What am I
missing ?
Thanks for any advice.
Jean-Luc Rochat
------- config -------
I've here :
Browser: Netscape 4.7 En export-grade fortified.
Server: Apache/1.3.9 (Unix) mod_perl/1.21 PHP/3.0.12 ApacheJServ/1.1b3
mod_ssl/2.4.9 OpenSSL/0.9.4
mm-1.0.11 configured like this :
./configure --disable-shared --prefix=$TARGET/mm
mod_ssl configured like this :
./configure \
--with-apache=$SOURCE/$APACHE \
--with-ssl=$TARGET/openssl \
--with-mm=$TARGET/mm \
in httpd.conf :
SSLSessionCache shm:/usr/local/apache/logs/ssl_scache(512000)
<Location /x509authservlet/>
SSLVerifyClient require
SSLVerifyDepth 10
</Location>
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
