000018588 - MSIE cannot link to revoke or re-issue from the enrollment server

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000018588
Applies ToKeon Sentry CA 4.0 and higher
Keon Certificate Authority
Microsoft Windows NT 4.0
Sun Solaris 2.6
TechNote 0274
IssueMSIE cannot link to revoke or re-issue from the enrollment server
Cannot connect to the "Re-issue your client certificate" or the "Revoke your client certificate" link from the Enrollment server when using MSIE.
CauseMSIE has trouble when switching between two virtual hosts if session caching is on. When clicking on the "Re-issue" link or the "Revoke" link, the user is switched from the enrollment server to the administrative server, since MSIE does not properly recognize the switch no opportunity is given to choose the certificate to have re-issued or revoked.
ResolutionHow to turn on or off session caching with the Keon Certificate Authority in httpd.conf causes every new page to create a new session, which allows MSIE to recognize the switch between virtual hosts.
Keon Sentry CA 4.0.x and above version ship with caching turned off on the enrollment server
If you have an older version of Keon Sentry CA, or have turned caching on, you can turn caching off for the enrollment server by following the solution: How to turn on or off session caching with the Keon Certificate Authority.
Legacy Article IDa2049

Attachments

    Outcomes