#72 closed defect (fixed)
https prompts for certificates way too often
| Reported by: | andersk | Owned by: | |
|---|---|---|---|
| Priority: | normal | Milestone: | |
| Component: | web | Keywords: | |
| Cc: |
Description
With Firefox's new default of "ask every time" for client certificates, certificate-authenticated pages on scripts have been prompting for certificates multiple times on almost every page load. This does not seem to be a Firefox problem, since https://sipb-xen-dev.mit.edu/ doesn't exhibit it.
Change History (4)
comment:1 Changed 15 years ago by geofft
- Milestone set to None
comment:2 Changed 14 years ago by andersk
This looks possibly related? (I’m not sure since I don’t really understand SSL session caching, but it looks like it might be worth trying.)
http://thread.gmane.org/gmane.comp.apache.devel/39576 [PATCH] mod_ssl: improving session caching for SNI configurations
comment:3 Changed 14 years ago by mitchb
- Resolution set to fixed
- Status changed from new to closed
Lo and behold, it fixes the problem!
A new version of the patch in the above message, with a couple slight local revisions, was committed as r1348, and has been deployed. Where https://debathena.mit.edu:444/trac used to prompt me for my certificate five times, it only does so once now.
Well,
https://web.mit.edu/consult/www/certificate/test.html
and other web.mit.edu sites do exhibit this behavior. What do scripts and web do with httpd that xvm doesn't (or vice versa)?