IE 6. Disable client certificate caching in SSL State

S

si.allen

Hi,

IE seems to cache a client certificate in the SSL state cache once it
is used. If you remove the client certificate from the PC from the
personal certificate store for the current user, IE doesn't detect
this and STILL sends the cached certificate (Until either the 'Clear
SSL State' button is clicked or browser reopened).

Is there any way to set IE not to cache this client certificate? Is
this controlled by a registry setting? Preventing any caching of
client certificates would be ideal.

Thanks for any help.

Simon
 
S

Simon Allen

Just following up my post for any others running into this. I can't
see a way to disable the SSL State cache in IE6.

Being able to clear the SSL state cache is another option instead of
disabling. There are two ways it seems:

1. Really complex way is to wrap IE programmatically in your own
software and call API calls to reload WinInet to discard its in-memory
certificate cache. Is a poor solution if you don't have control of
the client workstation.

Or

2. You can clear the cache easily from within a web page using
JavaScript:

<script type="text/javascript">
document.execCommand("ClearAuthenticationCache");
</script>

This works on IE 6 and is IE only I believe.

There doesn't seem to be much documentation out there about this. I
was quite surprised.

Cheers,
Simon
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Client certificate / SSL Cache - how exactly does it work? 2
SSL Client certificate in IIS 6.0. Different root CAs? 2
ssl certificate issue 2
certificate 2
IE offers expired certs for client authentification on https pages 1
what is equiv of Netscape Reset master passwd in IE6? 2
How to disable SSL Security Alert in IE 9
Can someone explain this difference in IE behavior? 4

Top