Mark Thomas wrote: > Folks, > > I have been looking at bug 46950 [1]. Everything is fine with the BIO > connector but with APR the renegotiation fails to trigger a request for > the user's certificate. I assume that this is because the socket is > still associated with an SSLContext where the SSLVerifyClient is > something other than "require". > > I can't see any obvious ways to fix this without either modifying the > native code or adding a new method to the native interface. Can anyone > see differently? Any pointers to a pure Java solution would be great.
I'd expect this to be solved in tcnative, at least exposing the correct hooks. It's non-trivial, you might have a look at how mod_ssl handles renegotiation. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
