httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 47055] SSLVerifyClient + Directory doesn't use cache sessions
Date Wed, 09 Sep 2009 12:23:42 GMT

--- Comment #29 from Will Rowe <> 2009-09-09 05:23:32 PDT ---
Just for fun, would you try; 

        SSLVerifyClient optional
        SSLVerifyDepth  10

        <Location "/test">
          SSLVerifyClient require
          SSLVerifyDepth  10
          SSLOptions +OptRenegotiate

The first line ensures that the client-certificate accepted session will be
honored when the user navigates from /test, to say, /data and back again,
or when they start a new request that hasn't resolved to /test.

I'm a bit confused why the same session would not be reused until the session
expires, irrespective of the URL-path.  So I'm concerned that httpd may be 
handshaking, refusing their certificate, and renegotating for the session with
the certificate immediately afterwards.  This would be suboptimal.

Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message