Apparently it is OpenSSL bug/ticket number 2288. Hopefully fixed sometime... Regards, David On 12 February 2016 at 18:09, David Bala?ic <xerces9+osl at gmail.com> wrote: > Hi! > > Tomcat released version 8.0.32 which bundles OpenSSL 1.0.2e (see below) > The issue remains (with the change that now IE can not connect at all, > it complains about some TLS stuff, did not look into it). > > Any hints how to tackle this problem are welcome. > > Version details (from tomcat startup log): > Loaded APR based Apache Tomcat Native library 1.2.4 using APR version 1.5.1. > OpenSSL successfully initialized (OpenSSL 1.0.2e 3 Dec 2015) > > Regards, > David > > > On 8 January 2016 at 17:02, David Bala?ic <xerces9+osl at gmail.com> wrote: >> Hi! >> >> I encounter this issue when using Firefox to access tomcat (that is >> using openssl) with client cert authentication. >> >> After a certain timeout, the web application does not "see" the >> clients certificate in requests. >> >> The problem happens on different operating systems (Window,s Linux) >> and browsers. >> >> I reported it to tomcat and Firefox, with not much response. >> >> There is a simple test case in comment 1 of the tomcat bug (see below). >> >> Could someone assist in finding the cause of the problem? >> I also have pcap traces (somewhere) of working and non working network traffic. >> >> >> Latest tested configuration: >> tomcat 8.0.30, using OpenSSL 1.0.1m 19 Mar 2015 >> Firefox 43.0.4 >> OS: Windows 7 Pro SP1 64bit >> >> The tomcat bug with much details: >> >> https://bz.apache.org/bugzilla/show_bug.cgi?id=58244 >> >> Firefox bug report (not much details): >> https://bugzilla.mozilla.org/show_bug.cgi?id=1231406 >> >> Regards, >> David Bala?ic
