Hi! First, thanks to Lutz who has helped me on my previous problems.
Lutz Jaenicke wrote: > - When a session is negotiated, all certificates including the intermediate > CA certificates must be sent. You see this with ethereal. > - When a session is re-used, no certificates are sent at all. Both peers > take their information from their session cache. > - The OpenSSL session cache does not store intermediate (and root) CA > certificates, only the peer's certificate, so when a session is re-used, > this information is not available. > - If you must examine the certificate chain, you only can do it for the > first session negotiated. If i can't get Client-Certificate-Chain from ssl-session-cache and SSL_CLIENT_CERT_CHAIN_n, I thought the way only I can do is to delete a ssl-session-cache on every connection or time Apache start (I have to pick up the value of client chain....) . But I don't know the way to delete a ssl-session-cache manually without using OpenSSL Library function(SSL_flush_session etc). If such DB file stores information of ssl session exists, where is a ssl-session-cache file which stores information of session? If such DB file don't exist, is there any way to delete a ssl-session-cache manually? This question may be sent to OpenSSL-users ML, but I thought there may be the issue I don't notice related with mod_ssl, so i send this mail to this ML. Thanks a lot -- kentaro ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
