Yesterday (2019-06-24) I updated Ubuntu 18.04 and got OpenSSL 1.1.1; after that, every GET-request with a client certificate causes a delay > 15sec.
I use the source-download of apache 2.4.39 (the latest version), TLS 1.3 is not configured.
Because only access to parts of the virtual host should be protected with
SSLVerifyClient require
I think I have to use it in a LocationMatch block like
Yesterday (2019-06-24) I updated Ubuntu 18.04 and got OpenSSL 1.1.1; after that, every GET-request with a client certificate causes a delay > 15sec.
I use the source-download of apache 2.4.39 (the latest version), TLS 1.3 is not configured.
Because only access to parts of the virtual host should be protected with
SSLVerifyClient require
I think I have to use it in a LocationMatch block like
<Location /mylocation>
SSLVerifyC lient require
SSLVerifyD epth 1
SSLOptions +StdEnvVars +ExportCertData +OptRenegotiate
</Location>
Behind apache, tomcat 8.5 is used via AJP.
I tried to downgrade OpenSSL to the prior version (with no errors), but the apache log still shows using OpenSSL 1.1.1 (?) and the delay remains.
Because this is a production server, any quick help/workaround is appreciated...