Comment 11 for bug 1833896

Tilman Sandig (ssp297) wrote :

Yesterday (2019-06-24) I updated Ubuntu 18.04 and got OpenSSL 1.1.1; after that, every GET request with a client certificate causes a delay > 15 sec.
I use the source download of Apache 2.4.39 (the latest version); TLS 1.3 is not configured.
Because only access to parts of the virtual host should be protected with

  SSLVerifyClient require

I think I have to use it in a LocationMatch block like

    <Location /mylocation>
        SSLVerifyClient require
        SSLVerifyDepth 1
        SSLOptions +StdEnvVars +ExportCertData +OptRenegotiate
    </Location>

Behind Apache, Tomcat 8.5 is used via AJP.

I tried to downgrade OpenSSL to the prior version (with no errors), but the Apache log still shows it using OpenSSL 1.1.1 (?) and the delay remains.

Because this is a production server, any quick help/workaround is appreciated...