Problems with SSLSessionCache

This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

------_=_NextPart_001_01C418C2.055B0F55
Content-Type: text/plain


> I am getting the following message each time my server tries to cache a
> session id in my dbm file:
>
> [31/Mar/2004 16:03:34 01122] [trace] Inter-Process Session Cache:
> request=SET status=BAD
> id=E05AA054474E712D1E59220EE8A07E46523457EC557ACF1730DB2B319 931C106
> timeout=1199s (session caching)
>
> I know I haven't given much information, but any ideas?
>
> I also get this when it tries to reuse a session:
>
> [31/Mar/2004 16:03:27 01120] [trace] Inter-Process Session Cache:
> request=GET status=MISSED
> id=6E353CAC3C6970AA0EC526304B7DBC97A6CC1451C014B39F9276342D1 B870970
> (session renewal)
>
This only occurs when I turn on client authentication. It works
fine with plain ssl.

Jerrod

------_=_NextPart_001_01C418C2.055B0F55
Content-Type: text/html
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Dus-ascii">
<META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version =
5.5.2655.72">
<TITLE>Problems with SSLSessionCache</TITLE>
</HEAD>
<BODY>
<BR>
<UL>
<P><FONT SIZE=3D2 FACE=3D"Arial">I am getting the following message =
each time my server tries to cache a session id in my dbm file:</FONT>
</P>

<P><FONT SIZE=3D2 FACE=3D"Courier New">[31/Mar/2004 16:03:34 01122] =
[trace] Inter-Process Session Cache: request=3DSET status=3DBAD =
id=3DE05AA054474E712D1E59220EE8A07E46523457EC557ACF1730DB2B3 19931C106 =
timeout=3D1199s (session caching)</FONT></P>

<P><FONT SIZE=3D2 FACE=3D"Arial">I know I haven't given much =
information, but any ideas?</FONT>
</P>

<P><FONT SIZE=3D2 FACE=3D"Arial">I also get this when it tries to reuse =
a session:</FONT>
</P>

<P><FONT SIZE=3D2 FACE=3D"Courier New">[31/Mar/2004 16:03:27 01120] =
[trace] Inter-Process Session Cache: request=3DGET status=3DMISSED =
id=3D6E353CAC3C6970AA0EC526304B7DBC97A6CC1451C014B39F9276342 D1B870970 =
(session renewal)</FONT></P>

<P><FONT COLOR=3D"#0000FF" SIZE=3D2 FACE=3D"Arial">This only occurs =
when I turn on client authentication.  It works fine with plain =
ssl.</FONT>
</P>

<P><FONT COLOR=3D"#0000FF" SIZE=3D2 FACE=3D"Arial">Jerrod</FONT>
</P>
</UL>
</BODY>
</HTML>
------_=_NextPart_001_01C418C2.055B0F55--
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users [at] modssl.org
Automated List Manager majordomo [at] modssl.org
Jerrod.Loyless [ Fr, 02 April 2004 16:52 ] [ ID #147576 ]

Re: Problems with SSLSessionCache

On April 2, 2004 09:52 am, Loyless Jerrod A Contr ESC/NI7S1 wrote:
> > I am getting the following message each time my server tries to cache
> > a session id in my dbm file:
> >
> > [31/Mar/2004 16:03:34 01122] [trace] Inter-Process Session Cache:
> > request=SET status=BAD
> > id=E05AA054474E712D1E59220EE8A07E46523457EC557ACF1730DB2B319 931C106
> > timeout=1199s (session caching)
> >
> > I know I haven't given much information, but any ideas?
> >
> > I also get this when it tries to reuse a session:
> >
> > [31/Mar/2004 16:03:27 01120] [trace] Inter-Process Session Cache:
> > request=GET status=MISSED
> > id=6E353CAC3C6970AA0EC526304B7DBC97A6CC1451C014B39F9276342D1 B870970
> > (session renewal)
>
> This only occurs when I turn on client authentication. It works
> fine with plain ssl.

That would indicate (probably) that the session is too big, as they
include client certs in when client-auth is being used. You didn't
mention which session cache type you're using - what's the
SSLSessionCache directive in your config? Also, if you run with tracing
on and you get a "GET/MISSED", can you check backwards from there for a
log message with the same id byte-string, hopefully it's a "PUT/MISSED"
or something like that, indicating that the session store failed.

Cheers,
Geoff

--
Geoff Thorpe
geoff [at] geoffthorpe.net
http://www.geoffthorpe.net/

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users [at] modssl.org
Automated List Manager majordomo [at] modssl.org
Geoff Thorpe [ Fr, 02 April 2004 18:29 ] [ ID #147579 ]
Webserver » gmane.comp.apache.mod-ssl.user » Problems with SSLSessionCache

Vorheriges Thema: Apache Session Reuse with Client Authentication -- Smart Card
Nächstes Thema: Apache Session Reuse with Client Authentication -- Smart Card

[ Startseite ] [ Administrator ] [ Suche ] [ Hinweise ] [ Impressum ]

Powered by FudForum