SSL Reading CAC Card with every page load.

Discussion in 'Server Operation' started by penciled, Mar 8, 2007.

  1. penciled

    penciled New Member

    I'm not the server admin- I just do a little development, but we're having a problem that our admin hasn't been able to resolve.

    We're required to use PKI - CAC Cards for security reasons so everyone has a card with their cert, they enter their PIN and can gain access.

    The IIS guys are able to read a card, validate then 'cache' the cert and don't have to read the card again until a new session starts, but we haven't figured out how to do that with Apache.

    While we only have to enter the PIN one time, the card is read with every page that loads, creating a ~3 second delay, which is undesirable. Is there an option to have the information from the card cached so re-reading isn't done?

    I thought it might be the SSLSessionCache, which I have set as follows:
    SSLSessionCache dbm:/var/log/apache/ssl_scache
    SSLSessionCacheTimeout 300

    Is there something else I can do?

    I appreciate any help. (if more information would help, just let me know and I'll try to get it)

Share This Page