On Wed, Dec 01, 1999 at 03:09:45PM -0800, Tom Vaughan wrote:
> I searched the archives (ran through the debugger, just called netscape
> support, ...) and came up empty, so...
Well, there should be similar messages in the archive, but never mind,
since no answer was ever found...
> When our server is setup to require client certs, we've found that netscape
> on Windows 9x and NT (not IE and not netscape on GNU/Linux) will "hang" on
> the first connection to the server for an indefinite amount of time. After
> hitting stop or ESC, and then re-requesting the URL, everything works
> fine. This has something to do with the pass phrase used to protect the
> client's private key. When the private key is NOT pass phrase protected,
> everything works fine. And the reason this works after hitting stop or ESC
> is because netscape already knows the pass phrase. Any one have similar
> problems?
Yes, I had the problems and I know of other people also being able to
reproduce the problem.
I never managed to see this problem with Netscape in a Unix-variant.
I have discussed this problem with Nelson Bolyard in the newsgroup
netscape.dev.ssl, thread "Client certificate problem with Win32"
in August 1999. Result was, that he could not reproduce the problem
with Netscape older than 4.7, because it immediately crashed, but that
the problem did not appear when using 4.7 (beta at that time).
In my case, the problem suddenly vanished during my experiments with
upgrading/downgrading netscape versions and is gone since, so maybe
there are some DLLs included, maybe not. I simply don't know.
I can however tell you, that the problem also appears when using
other services like SMTP with TLS (you can find information at
http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/).
So it is either a problem with the underlying OpenSSL library (which
I don't really believe after having tried to track this thing down through
the lib and didn't find anything: The server sends a good answer and
Netscape just does not continue after entering the password) or it
is a problem with Netscape, which I think to the better guess.
Sorry, no better answer, but I am also still looking for a better
explanation.
Good luck,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
