You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2010/06/02 00:10:49 UTC

DO NOT REPLY [Bug 48933] Client certificate gone after 1 minute timeout (SSL, APR)

https://issues.apache.org/bugzilla/show_bug.cgi?id=48933

Mark Thomas <ma...@apache.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |WORKSFORME

--- Comment #5 from Mark Thomas <ma...@apache.org> 2010-06-01 18:10:45 EDT ---
At a guess you are hitting issues with SSL renegotiation and the various
work-arounds put in place for CVE-2009-3555. My tests with 6.0.x (trunk),
1.1.20, openssl 0.9.8k and Firefox 3.6.3 work as expected. After 1 min I get
re-prompted for my cert and everything continues to work.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org