apache2 - SSLSessionCache running but not working

68

Solution 1

I'm not familiar with Debian Squeeze, but here are some things to try:

Try connecting using openssl with the reconnect flag, which uses the same session 5 times:

openssl s_client -connect your.server.com:443 -state  -reconnect

and see what you get. Look for Session-ID & "Reused."

Other things to rule out:

  • A shot in the dark, but can you replace ${APACHE_RUN_DIR} with the actual path and see if that helps ... ?
  • Rule out write permissions (unlikely, but still) to the ssl_* files you note above by the user running apache.
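
The check described above can be scripted; the following is an added example, not part of the original answer. It assumes the s_client output format quoted on this page (`New, ...` / `Reused, ...` and `Session-ID:` lines), uses constructed sample output, and adds `-no_ticket` to the live command as an assumption so that resumption through TLS session tickets, which needs no server-side cache, is not mistaken for a working SSLSessionCache. The function names are hypothetical.

```shell
# Added example: classify the handshakes in `openssl s_client -reconnect` output.
# Live use (your.server.com is the page's placeholder host):
#   openssl s_client -connect your.server.com:443 -reconnect -no_ticket \
#       </dev/null 2>&1 | summarize_reconnect

# Constructed, trimmed s_client output: first handshake full, two resumed.
sample_resumed() {
cat <<'EOF'
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
    Session-ID: AAAA1111
    Session-ID-ctx:
drop connection and then reconnect
Reused, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
    Session-ID: AAAA1111
drop connection and then reconnect
Reused, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
    Session-ID: AAAA1111
EOF
}

# Constructed output for a server that never resumes: every handshake is new.
sample_not_resumed() {
cat <<'EOF'
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
    Session-ID: AAAA1111
drop connection and then reconnect
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
    Session-ID: BBBB2222
EOF
}

# Read s_client output on stdin; print new/reused handshake counts and the
# number of distinct session IDs seen.
summarize_reconnect() {
    awk '
        /^New, /    { fresh++ }
        /^Reused, / { reused++ }
        /^[ \t]*Session-ID:/ { if ($2 != "" && !($2 in seen)) { seen[$2] = 1; ids++ } }
        END { printf "new=%d reused=%d distinct_ids=%d\n", fresh, reused, ids }
    '
}

# Succeed only if at least one reconnect resumed the earlier session.
resumption_ok() {
    summarize_reconnect | grep -q 'reused=[1-9]'
}

sample_resumed | summarize_reconnect
sample_not_resumed | summarize_reconnect
```

A result of `reused=0` with as many distinct session IDs as handshakes means the server negotiated a fresh session on every reconnect.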

Solution 2

Mounting tmpfs on /dev/shm and replacing ${APACHE_RUN_DIR} with /dev/shm/apache in fixed it for me:

grep shm /etc/apache2/mods-enabled/ssl.conf
#SSLSessionCache        shmcb:${APACHE_RUN_DIR}/ssl_scache(512000)
SSLSessionCache        shmcb:/dev/shm/apache_ssl_scache(512000)
Sefam
Author by

Sefam

Updated on September 18, 2022

Comments

  • Sefam
    Sefam almost 2 years

    I have a language JSON file containing the text of each page on my website. So to fetch the title of the page, I'll do something like

    {{ translation.page1.title }}
    

    In order to fetch the title for page 1.

    I already have a page variable that tells me the name of the page, I was wondering if it was possible to do something to avoid having a giant if statement for each page such as:

    {{ translation.{{ page }}.title }}
    

    I've looked through the twig doc and I have no idea.

    • DarkBee
      DarkBee over 7 years
      {{ translation[page].title }} should work
  • Janning
    Janning about 12 years
    As noted, Apache writes a file into the directory when I use dbm: as my sessionCache. So ${APACHE_RUN_DIR} and write permissions shouldn't be the problem. I can't test it with openssl as I use a PKCS#11 token for my client cert and can't get it to work on the command line with openssl.
  • lex82
    lex82 about 9 years
    I have the same problem on a Windows machine. I tried to connect via openssl as suggested and I actually see that the same Session-ID is used for all reconnects. It also says: "Reused, TLSv1/SSLv3" at the beginning. However, this even happens when I remove the SSLSessionCache line from my Apache config. Any ideas what this means?
  • codenamezero
    codenamezero almost 8 years
    That didn't work for me either.
  • codenamezero
    codenamezero almost 8 years
    Been a year, anyone found a solution to this?