2-Way SSL Not working If SSL Session is Started in 1-Way SSL With iOS Devices

(Doc ID 2262724.1)

Last updated on MAY 05, 2017

Applies to:

Oracle HTTP Server - Version to [Release Oracle11g]
Information in this document applies to any platform.


On : version, SSL Module

Not prompted to Client Certificate for some URLs in 2-Way SSL when using iOS Device.
The following is the scenario in which this issue is produced.

URL A requires client cert:

URL B does not require client cert:

If accessing URL A directly, one is prompted for client certificate and authenticates successfully.

If accessing URL B first, then request URL A in the same browser session, one is not prompted to provide the required client certificate and the request fails.

The OHS logs report the following error:

The issue can be reproduced at will with the following steps:
1. Request 1-Way SSL URL first in a browser, then request 2-Way SSL URL in the same browser.
2. Note that no prompt for client certificate authentication and the request fails.




Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms