DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=39243>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=39243 ------- Additional Comments From [EMAIL PROTECTED] 2007-07-15 10:25 ------- (In reply to comment #22) > Perhaps the client-certificate SSL session times out or something, which > forces httpd to renegotiate again? If so, this is yet another use case that > supports adding a configurable per-location buffer directive. I confirmed that the SSLSessionCacheTimeout affects renegotiation. Therefore, at least for interactive applications where the upload form uses a GET request, I believe this issue can be worked around by setting SSLSessionCacheTimeout to a value at least as large as the application session timeout. The default of 300 on CentOS 5 was easily exceeded by a user who is uploading an attachment, while also filling in associated description and other form fields before clicking Submit. > As stated in the docs, "SSLVerifyClient optional" doesn't work for all > clients (e.g. WebDAV on win2k for one). Correction: I'm not sure about WebDAV on win2k working with optional or not -- the test I did earlier was incorrect. However, the point stands since I do not want clients to be prompted for certificates anyway. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
