Disabling SSL session IDs for session tracking
About this task
This configuration step applies only when delayed certificate authentication has been enabled.
Procedure
Disable the use of SSL session IDs to track session state.
Verify the default "no" value for the ssl-id-sessions stanza
entry in the WebSEAL configuration file:
[session]
ssl-id-sessions = no
Note: In this case, SSL IDs cannot
be used to maintain user sessions because when the user is prompted
for a certificate, the user's SSL ID will change. If ssl-id-sessions is
set to "yes", WebSEAL generates an error message upon startup and
shuts down.