2009/3/20 Nelson B Bolyard <nel...@bolyard.me> > > dave davesons wrote, On 2009-03-20 10:18: > > Dear all, > > > > I have configure a reverse proxy with client certificate validation. > > > > When accessing the site using firefox, firefox first asks the user to > > select the certificate to authenticate as it should do. After this first > > authentication, however, the user is asked again to choose the > > certificate to use. In the firefox traces, I see that this second > > authentication is needed for favicon.ico. > > The behavior you describe is due to server misconfiguration. You must > enable the server's session cache, and configure session cache lifetimes > to be long enough that they will last at least as long as a user's > typical session with that server. > --
Hi, thank you for the response. The Mod_nss standard settings have session cache enabled I think. I used the following: NSSSessionCacheSize 10000 NSSSessionCacheTimeout 3600 NSSSession3CacheTimeout 3600 I also tried: NSSOptions +OptRenegotiate but this did not help either. kind regards, Dave -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
