[openssl-users] Firefox problems with two way SSL auth
xerces9+osl at gmail.com
Tue Feb 23 15:27:26 UTC 2016
Apparently it is OpenSSL bug/ticket number 2288.
Hopefully fixed sometime...
On 12 February 2016 at 18:09, David Balažic <xerces9+osl at gmail.com> wrote:
> Tomcat released version 8.0.32 which bundles OpenSSL 1.0.2e (see below)
> The issue remains (with the change that now IE can not connect at all,
> it complains about some TLS stuff, did not look into it).
> Any hints how to tackle this problem are welcome.
> Version details (from tomcat startup log):
> Loaded APR based Apache Tomcat Native library 1.2.4 using APR version 1.5.1.
> OpenSSL successfully initialized (OpenSSL 1.0.2e 3 Dec 2015)
> On 8 January 2016 at 17:02, David Balažic <xerces9+osl at gmail.com> wrote:
>> I encounter this issue when using Firefox to access tomcat (that is
>> using openssl) with client cert authentication.
>> After a certain timeout, the web application does not "see" the
>> clients certificate in requests.
>> The problem happens on different operating systems (Window,s Linux)
>> and browsers.
>> I reported it to tomcat and Firefox, with not much response.
>> There is a simple test case in comment 1 of the tomcat bug (see below).
>> Could someone assist in finding the cause of the problem?
>> I also have pcap traces (somewhere) of working and non working network traffic.
>> Latest tested configuration:
>> tomcat 8.0.30, using OpenSSL 1.0.1m 19 Mar 2015
>> Firefox 43.0.4
>> OS: Windows 7 Pro SP1 64bit
>> The tomcat bug with much details:
>> Firefox bug report (not much details):
>> David Balažic
More information about the openssl-users