?
From: mcgr...@nps.edu
To: users@httpd.apache.org
Date: Thu, 4 Jun 2015 19:32:33 +
Subject: Re: [users@httpd] Client Auth Retries
I think that’s part of it—SSLSessionCache on the server was set to five minutes.
Dialing it down to 10 seconds seems to have solved the problem
on Safari, but
cgr...@nps.edu>
To: users@httpd.apache.org<mailto:users@httpd.apache.org>
Date: Wed, 3 Jun 2015 23:21:57 +0000
Subject: Re: [users@httpd] Client Auth Retries
This behavior is puzzling.
*Once the browser goes to the “mistake” page, it won’t renegotiate
the SSL connection with the smart ca
mcgr...@nps.edu
To: users@httpd.apache.org
Date: Wed, 3 Jun 2015 23:21:57 +
Subject: Re: [users@httpd] Client Auth Retries
This behavior is puzzling.
*Once the browser goes to the “mistake” page, it won’t renegotiate
the SSL connection with the smart card despite
- No open https connectio
This behavior is puzzling.
*Once the browser goes to the “mistake” page, it won’t renegotiate
the SSL connection with the smart card despite
- No open https connections to the server
- The behavior persists across a server restart
- The behavior persists across a “clear cache” on the client
I’m trying to set up client authentication using smart cards and be reasonably
polite about
auth failures. A typical failure mode is that the user doesn’t have the card
inserted; I
should send them to a warning page, then let them retry.
The relevant config file for the top level:
SSLVerifyCli