"James Hastings-Trew" <[EMAIL PROTECTED]> wrote:
> Sounds like you need to put a session cache in your apache config.
Thanks for response, but I already did it (forgot to mention it). Here is
important part of my httpd.conf.
<Directory /var/www/app>
Options Includes FollowSymLinks MultiViews ExecCGI Includes
AllowOverride All
SSLVerifyClient require
SSLVerifyDepth 1
SSLOptions +FakeBasicAuth +StrictRequire +CompatEnvVars +StdEnvVars
SSLRequireSSL
SSLRequire (%{SSL_CLIENT_S_DN_O} eq "MYORG" and
%{SSL_CIPHER_USEKEYSIZE}>=128)
Satisfy all
order deny,allow
deny from all
allow from 192.168.0.0/255.255.255.0
</Directory>
SSLEngine on
SSLCertificateFile /etc/apache/webserver.crt
SSLCertificateKeyFile /etc/apache/webserver.key
SSLCACertificateFile /etc/apache/ca.crt
SSLMutex sem
SSLSessionCacheTimeout 600
SSLSessionCache dbm:/tmp/ssl.cache
SetEnvIf User-Agent "MSIE" nokeepalive ssl-unclean-shutdown downgrade-1.0
force-response-1.0
SSLLog /var/log/apache/ssl.log
SSLLogLevel info
--
Marcin
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
