Apache SSL x509 authentication timeout

Asked May 31 '12 at 14:47

Active May 31 '12 at 14:47

Viewed 398 times

I have setup a location to enable client authentication based on x509 certificates:

<Location /authenticate>
  SSLRequireSSL
  SSLVerifyClient require
  SSLVerifyDepth 10
</Location>

The authentication is done by unlocking the smartcard with a PIN. When a user needs more that 30 seconds to unlock his smartcard the response is "No data received". Hitting the reload button works, but most users will run into confusion when they see default browser error page.

How can I modify that timeout to allow longer timeouts?

Thanks!

asked May 31 '12 at 14:47

rthill

Is it reproducibly exactly 30 seconds? – Shane Madden May 31 '12 at 20:51
No not really, if I successfully connect the timeout seems longer, but after a restart I am pretty sure that it is always 30 seconds. Changed already the ttl parameter on the ProxyPass config line to 180 seconds to be sure it is no proxy issue. – rthill Jun 04 '12 at 15:55
Can you get exact time numbers? A packet capture tool like wireshark might be a good way to get this info as well as see exactly where the stall in communication occurs. – Shane Madden Jun 04 '12 at 16:10

Apache SSL x509 authentication timeout

0 Answers0