[openssl-users] Firefox problems with two way SSL auth

David Balažic xerces9+osl at gmail.com
Fri Feb 12 17:09:59 UTC 2016


Hi!

Tomcat released version 8.0.32 which bundles OpenSSL 1.0.2e (see below)
The issue remains (with the change that now IE can not connect at all,
it complains about some TLS stuff, did not look into it).

Any hints how to tackle this problem are welcome.

Version details (from tomcat startup log):
Loaded APR based Apache Tomcat Native library 1.2.4 using APR version 1.5.1.
OpenSSL successfully initialized (OpenSSL 1.0.2e 3 Dec 2015)

Regards,
David


On 8 January 2016 at 17:02, David Balažic <xerces9+osl at gmail.com> wrote:
> Hi!
>
> I encounter this issue when using Firefox to access tomcat (that is
> using openssl) with client cert authentication.
>
> After a certain timeout, the web application does not "see" the
> clients certificate in requests.
>
> The problem happens on different operating systems (Window,s Linux)
> and browsers.
>
> I reported it to tomcat and Firefox, with not much response.
>
> There is a simple test case in comment 1 of the tomcat bug (see below).
>
> Could someone assist in finding the cause of the problem?
> I also have pcap traces (somewhere) of working and non working network traffic.
>
>
> Latest tested configuration:
> tomcat 8.0.30, using OpenSSL 1.0.1m 19 Mar 2015
> Firefox 43.0.4
> OS: Windows 7 Pro SP1 64bit
>
> The tomcat bug with much details:
>
> https://bz.apache.org/bugzilla/show_bug.cgi?id=58244
>
> Firefox bug report (not much details):
> https://bugzilla.mozilla.org/show_bug.cgi?id=1231406
>
> Regards,
> David Balažic


More information about the openssl-users mailing list