This seems to be indeed a session problem. But it's Netscape specific.
If I look in the log, IE is reusing a session and I can see counters like
request 1 request 2 request 3 and so on.
With Netscape these subsequent requests are very rare.
But: Even if IE is sending a new request, I'm not asked for the certificate
again.
Is someone out there, who successfully uses certificate based client
authentication with Netscape without this effect?
-----Ursprüngliche Nachricht-----
Von: Lutz Jaenicke [mailto:[EMAIL PROTECTED]]
Gesendet: Mittwoch, 7. Februar 2001 11:14
An: [EMAIL PROTECTED]
Betreff: Re: question on client authentication using certificates
On Wed, Feb 07, 2001 at 09:34:29AM +0100, Reich, Stefan wrote:
> Hi,
>
> I had the Netscape Problem too. I didn't get an answer up to now.
> The only way to get around this I found up to now is to configure to send
> the certificate automatically, instead of asking.
>
> If you find a better solution, please let me know.
Please make sure that session caching is enabled.
Netscape will ask you for the certificate whenever a new session is being
negotiated. Since this is annoying, the session can be cached, so that
the same information is reused. If session caching does not work or is
not configured, you have new handshake for every request.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
