https://bz.apache.org/bugzilla/show_bug.cgi?id=65975
--- Comment #8 from Christopher Schultz <ch...@christopherschultz.net> --- (In reply to Martin Stangl from comment #6) > org.apache.coyote.http11.Http11AprProtocol had a delay of 1 minute after > selecting the certificate in the browser. > > Tested with Chrome, Edge and Postman with identical results. > > I am happy with Nio working. > But if you want to look into the issue with > org.apache.coyote.http11.Http11AprProtocol, I am willing to support with > testing. > > stderr excerpt for org.apache.coyote.http11.Http11AprProtocol with OpenSSL. > Pauses after "Calling authenticate()": Hmm. > 24-Mar-2022 12:42:07.713 FINE [https-openssl-apr-443-exec-7] > org.apache.catalina.authenticator.AuthenticatorBase.invoke Calling > authenticate() > 24-Mar-2022 12:43:07.754 FINE [https-openssl-apr-443-exec-7] > org.apache.catalina.realm.CombinedRealm.authenticate Attempting to > authenticate user [EMAILADDRESS=martin.sta...@t-base.pro, CN=Martin Stangl, > CN=Users, DC=intranet, DC=t-base, DC=pro] with realm > [org.apache.catalina.realm.UserDatabaseRealm] /Exactly/ 1 minute delay? Are you using OCSP (does OCSP even work for client certs)? Can you snoop outbound network traffic from the server to see if something is making a network connection at the start of this pause? At first, I was thinking "entropy problem" but (a) it was repeatable and (b) it's exactly 1 minute which sounds more like a network timeout than anything else. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
