2-Way SSL Not working If SSL Session is Started in 1-Way SSL With iOS Devices
Last updated on MAY 05, 2017
Applies to:Oracle HTTP Server - Version 18.104.22.168.0 to 22.214.171.124.0 [Release Oracle11g]
Information in this document applies to any platform.
On : 126.96.36.199.0 version, SSL Module
Not prompted to Client Certificate for some URLs in 2-Way SSL when using iOS Device.
The following is the scenario in which this issue is produced.
URL A requires client cert:
URL B does not require client cert:
If accessing URL A directly, one is prompted for client certificate and authenticates successfully.
If accessing URL B first, then request URL A in the same browser session, one is not prompted to provide the required client certificate and the request fails.
The OHS logs report the following error:
The issue can be reproduced at will with the following steps:
1. Request 1-Way SSL URL first in a browser, then request 2-Way SSL URL in the same browser.
2. Note that no prompt for client certificate authentication and the request fails.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms