httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Boyle Owen" <Owen.Bo...@swx.com>
Subject RE: [users@httpd] Problems about SSL caching between Internet Explorer and Apache Web Server
Date Fri, 22 Nov 2002 08:17:52 GMT
At a guess, I'd say that the certs are being cached in IE. However, they
must be cached in memory and not on the disk since a reboot clears them.
Therefore, a restart of IE should also clear them... Are you sure that
you are shutting down ALL browser windows in order to restart IE? It is
not sufficient to restart only the window you were visiting the site
with since they share a common cache. Try it again, making sure you kill
all browser instances between tests...

Rgds,

Owen Boyle

-----Original Message-----
From: SAG - Jose Antonio Tarifa [mailto:jatarifa@omel.es]
Sent: Donnerstag, 21. November 2002 17:52
To: apachelist
Subject: [users@httpd] Problems about SSL caching between Internet
Explorer and Apache Web Server


Hello group.
 
We are having problems with SSL caching between Internet Explorer and
Apache.
 
The Web is using SSL with client authentication based on certificates
stored on SmartCards.
 
During the first login, the browser asks the certificate (plus the PIN
of the smartcard) and the user enters correctly. If afterwards, the user
closes the browser, and restart it again, they can login to the system
without any request for certificate or PIN.
 
As a result, the only way to select a different certificate for entering
the same site is to restart the client computer. In the other hand,
other users could be able to enter the site and navigate through it
after the first login, without any smartcard.
 
It seems that the SSL session is cached somewhere (proxy?, firewall?),
but nothing has been found in the configuration options of these
elements in order to avoid this behavior.
 
This problem has never occurred with Netscape browsers.
 
Can anyone give us any hint?
 
Thank you very much.
 
------------------------------------------------------------------------
-----------------
José Antonio Tarifa Lorenzo
Departamento de Desarrollo
Compañía Operadora del Mercado Español de Electricidad, S.A.
c/Alfonso XI, 6 4ª Planta. 28014 Madrid
email: jatarifa@omel.es
------------------------------------------------------------------------
-----------------

This message is for the named person's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mistransmission.
If you receive this message in error, please notify the sender urgently
and then immediately delete the message and any copies of it from your
system. Please also immediately destroy any hardcopies of the message.
You must not, directly or indirectly, use, disclose, distribute, print,
or copy any part of this message if you are not the intended recipient.
The sender's company reserves the right to monitor all e-mail
communications through their networks. Any views expressed in this
message are those of the individual sender, except where the message
states otherwise and the sender is authorised to state them to be the
views of the sender's company. 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message