I have setup JBoss 5.1 to do client_cert auth using BaseCertLoginModule.

On the apache web server side, I have setup mod_ssl and mod_jk1.2 to make the web server talk to JBoss.

When I hit a secure url, I get a popup to choose a certificate installed in my browser. Choosing the certificate estabilishes a secure communication between the client and Apache.

Now I get another popup to choose the client cert, which I believe is from the client_cert auth mentioned in web.xml. I can choose the certificate again and everything else works fine.

How do I avoid the second popup to choose the certificate ?