On Thu, 17 Nov 2005, Seth Milder wrote:
I have a Java Applet that connects to a site requiring client side
certificates.
Then it's a https site, and the appliet connects via the proxy
using the CONNECT method, right?
The site is running Apache 2.0.54 with a keepalive timeout of
15 minutes. As a result the applet prompts the user for a client side
certificate on its inital connection and does not prompt again unless the
user has been idle for more than 15 minutes. My problem is that when we try
this through our Squid proxy, the Applet prompts the user on virtually every
request, making for a very annoying user experience.
Sounds like a broken applet to me.
When using the CONNECT method there is a bidirectional tunnel opened
between the client and the requested web site. The proxy does not modify
the data flow in any manner or impose any additional policies on
keep-alive timeouts etc.
Regards
Henrik
