On Tue, Aug 29, 2000 at 09:34:58AM +1200, Dr. David J. Knowles wrote:
> Hi,
>
> A little while ago I ran into a problem where an apache/modssl system
> was configured to verify incoming client certificates. The verification
> worked fine, however the web server appeared to require the certificate
> to be represented for every HTTP GET, this included not only the html
> page but the images. Thus there was something like 7 certificate
> requests for the first page alone.
>
> A number of people responded to this request with very useful
> information about the certificate caching etc.
>
> The problem became more complex:
> - The server which fails is compiled on a Solaris SPARC system
> running version SunOS 5.6 of the operating system.
> - A Linux i386 server compiled in the same way works correctly. This
> is using the same configuration files as the faulty system.
> - The modules are the following versions: Apache/1.3.12,
> ApacheJServ/1.1.2, modl_ssl/2.6.4, OpenSSL/0.9.5a
>
> Is there something I am missing in the differences between the two
> operating systems or how mod_ssl/OpenSSL is compiled which could cause
> this fault?
>
I don't think it is the os - at least I've had no trouble at all on
Solaris 7. Which kind of session chache mechanism is it? On Sun I'd
definetely recommend using mm for your session caching, but that's
strictly a performance issue. To get a bit more info about what is
happening, you could set SSLLogLevel to trace - that way you will
be able to see in the logfile what the cache is doing.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
