On 14.08.2009 06:53, matt617 wrote: > > I am using Apaches MOD SSL to do the certificate enforcement. It then uses > the mod proxy to push the certificate info over AJP to my tomcat instance. > tomcat does not have SSL enables at the container level but my application > seems to pick up the certificate info jsut fine this way... > > yes i mean that the browser is prompting the user for their client > certificate repeatedly, roughly once every 10 minutes, this is the problem i > have been struggling with.
Hmmm, do your have the SSL session timeout in Apache set to 600 seconds? It would indicate, that there's a problem with session renegotiation and client certificates. Usually this should work. Check the SSL session timeout to see, whether your 10 minutes could come from the (and choose another value to verify, that the 10 minutes change accordingly). If this is true, I would first update to a recent version of Apache and OpenSSL in order to rule out bugs there. Another possibility could be a browser bug. Does it happen for varous browsers, like MSIE and Firefox? Regards, Rainer --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
