Joaquim Garcia i Ortells wrote:
> Hy everybody.
>
> after installing Apache(Apache 1.3.9), mod_ssl,( mod_ssl 2.4.10) on
> a Solaris 2.6 i activate the client certification and the problem was
> that my server turn so slowly.
>
> The problem is that my server request the certificate many times no
> only on the inicial step of negotiation.
> Can anybody help me to configure the apache Server for no to ask so
> many times the client certificate?
>
I've got the same problem some times ago. (posted in the list twice with no
answer).
Maybe I posted it in the wrong place (i.e. if it's a bug the bugdb should be
better)
I checked in the list, in the manual (+FAQ +HOWTO) for a solution and every
explanation have sense
but no one was suitable for me.
In my mind, I believe it is some strange Session Cache management but
without the opinion of others, i'm not
sure whether it could be a bug or just my missunderstanding.
But, maybe the trouble in your case is a bit different.
So, please, check if you compiled Apache with
--enable-rule=SSL_SDBM ( or with the MM Memory Shared Library)
2. Set the log_file in mode "trace" and check for something like
"Changed client verification type will force full renegotiation......."
and/or
"Inter-Process Session Cache: request=GET status=MISSED id=......."
during the connections whit too much certificate-request;
Hope to be helpfull
Good luck.
Paolo Di Martino
begin:vcard
n:Di Martino;Paolo
x-mozilla-html:FALSE
org:Omega Generation S.r.l.
adr:;;;;;;
version:2.1
email;internet:[EMAIL PROTECTED]
end:vcard
