https://issues.apache.org/bugzilla/show_bug.cgi?id=47055
--- Comment #48 from Roger Waldner <[email protected]> 2009-12-16 23:02:09 UTC --- Well, yes this could be the source of the problem. OTH, my impression was that "Apache" (sorry I can't be more specific but I guess it is mod_ssl) defines what a "context" is and therefore uses this OpenSSL functionality. In our tests it showed that entering or leaving (with a HTTPS request) a <Location> which requires client certificates, results in a new SSL session, enforced by the server. BTW: Chasing this behaviour of getting a new SSL session ID revealed that Apache up to and including 2.2.11 did not have this behaviour and Apache versions from 2.2.12 onwards behave as written above. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
