Description of problem: SSLVerifyClient is being set to optional_no_ca by default. This is a problem for users that have 2+ client certs (like apparently iOS developers). For our summit keynote, we had to comment this line out in order to get rid of the browser popup. Version-Release number of selected component (if applicable): rhc-node-1.9.9-1.el6oso.x86_64 How reproducible: very if you have 2+ client certs Steps to Reproduce: 1. Create an app 2. Add ssl to the app 3. On a browser (we used chrome) with 2+ client certs installed, go to the app 4. notice the popup in your browser Actual results: browser pop up Expected results: no pop up
Master pull request: https://github.com/openshift/origin-server/pull/2754 Stage pull request: https://github.com/openshift/origin-server/pull/2755
Commit pushed to master at https://github.com/openshift/origin-server https://github.com/openshift/origin-server/commit/1453234bda5a0bf9d9ec50838978ddb357793e85 Bug 970792 - The SSLVerifyClient stanza causes browser popups.
I was able to reproduce this on devenv-stage_353. It was a certificate popup. Verified this on STG with the same chrome browser with more than 2 client certs added, there is no popup now. Steps: 1. Create an applciation 2. Add alias and ssl 3. add the app's ip and alias to /etc/hosts 4. Access this app via https://$alias/ Result: No popup when app is being accessed. Will mark this bug as verified when it's ON_QA, thanks.
Thank you!
This bug has been verified according to comment 3.