Quitting does not guarantee that the SSL cookie is deleted, maybe this only happens for „clear history“ (if at all).
If you want to be sure to know what happens, use "openssl s_client -connect $server:443“ and then type in GET /owncloud/ HTTP/1.1 Host: $server [empty line] where $server is to be replaced. This should also show the renegotiantions. Beste Grüsse, -Marcel Waldvogel Am 02.06.2014 um 08:38 schrieb Mike Morris <[email protected]>: > On 06/01/2014 11:11 PM, Marcel Waldvogel wrote: >> How do you request the static document? (Browser, command line tool, …) It >> might be that the browser already has the connection open, still remembers >> the SSL cookie (which allows to resume a previous connection without the >> full handshake) or will re-present the client cert without asking you again. > I've been using both a browser (Firefox 29 on Ubuntu) and the wget CLI tool. > I think that test I did only in the browser... however, I've been pretty > careful to completely quit the browser and restart it between each test, > since I realized that I was confusing myself with the issues you mentioned. > (I also always uncheck the "Remember this choice" option, so I think I see > all cert requests.) But I'll double check my work and let you know. > > Also, I suppose I should really be testing with curl from the command line, > since that's what OC is using... "wget" is just so easy :-) > > Have a great week! > > MikeM > _______________________________________________ > User mailing list > [email protected] > http://mailman.owncloud.org/mailman/listinfo/user
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ User mailing list [email protected] http://mailman.owncloud.org/mailman/listinfo/user
