Re: Continuing issues with MultiCert Requests

Simon . Haddon Wed, 30 Aug 2000 15:51:44 -0700

Hi

The only time that I have seen this is when there are HTTP 1.0 requests
instead of 1.1.

With 1.0 the tcp connections are not persistent.  This causes the SSL to be
renegotiated each time the tcp/ip connection is re-established.  This was
happening as a result of using the Apache cache/proxy services which where
converting 1.1 calls to 1.0



Simon Haddon
x3174


                                                                                       
                             
                    "Dr. David J.                                                      
                             
                    Knowles"                   To:     [EMAIL PROTECTED]         
                             
                    <[EMAIL PROTECTED]        cc:                                     
                             
                    .nz>                       Subject:     Continuing issues with 
MultiCert Requests               
                    Sent by:                                                           
                             
                    owner-modssl-users@                                                
                             
                    modssl.org                                                         
                             
                                                                                       
                             
                                                                                       
                             
                    29/08/2000 07:34 am                                                
                             
                    Please respond to                                                  
                             
                    modssl-users                                                       
                             
                                                                                       
                             
                                                                                       
                             




Hi,

A little while ago I ran into a problem where an apache/modssl system
was configured to verify incoming client certificates. The verification
worked fine, however the web server appeared to require the certificate
to be represented for every HTTP GET, this included not only the html
page but the images. Thus there was something like 7 certificate
requests for the first page alone.

A number of people responded to this request with very useful
information about the certificate caching etc.

The problem became more complex:
-    The server which fails is compiled on a Solaris SPARC system
running version SunOS 5.6 of the operating system.
-    A Linux i386 server compiled in the same way works correctly. This
is using the same configuration files as the faulty system.
-    The modules are the following versions: Apache/1.3.12,
ApacheJServ/1.1.2, modl_ssl/2.6.4, OpenSSL/0.9.5a

Is there something I am missing in the differences between the two
operating systems or how mod_ssl/OpenSSL is compiled which could cause
this fault?

Thanks in advance.

Dr. David J. Knowles
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]



______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]
Re: Continuing issues with MultiCert Requests

Reply via email to
