On the customer's internal network, I can produce a request to my SSL site using IE6 SP1 (on Win2K) and find out one cert validation demands, but when I personally use IE6 SP2 (on XP) 13 separate cert validation demands get fired off. Obviously, this slows lower my page load a great deal.
Opera loads the page all right without any unnecessary cert validation demands.
The server is Apache managing a pretty new lampp stack. All of the server certificate / CA chain designs appear to become fine (customers can authenticate w/ reliable certs, the machine can communicate with other systems with this server cert, etc.)
Can there be anything I'm able to do from the configuration perspective? Every other ideas whatsoever?
I am speculating that "upgrade IE" is from the table, right? You are most likely looking for a method to support IE 6., SP2, with XP, so that your customers may use this version.
OK... one thought is attempting to wreck havoc on the SSL configuration. When I remember, SSL has numerous configurations you can use and possibly you are able to change one of these in your server and obtain another behavior. It may be worthwhile to analyze what is happening throughout the SSL Handshake around the working and never-working versions of IE 6.. I like Ethereal, a totally free network traffic watching tool which will capture the SSL. It cannot decrypt it easily, however, you can at any rate begin to see the first couple of messages which happen out of the woodsAnd might give an inkling into why each one of these validation demands are arriving.