You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Venkat V <ve...@gmail.com> on 2015/07/22 16:25:48 UTC

[users@httpd] TLS session tickets

Hi,

We use Apache 2.2.29 on.  We have observed that sessions are enabled even
though we configured to use ticket for the following scenario.

scenario:
1. configure server to use TLS tickets
2. generate a client certificate on server and export it to a
browser(firefox/chrome)
2. try to access web page multiple times

Please note that issue does not occur if we dont use client certificates

configuration file :

# client certificate
SSLCACertificateFile "conf/ssl.crt/ca-rsa.crt"

# renegotiation and client certificate
<Location /temp>
   SSLVerifyClient require
   SSLVerifyDepth 2
</Location>

Log:
[debug] ssl_engine_kernel.c(2786): OpenSSL: Loop: SSLv3 write session
ticket A
...
[debug] ssl_scache_shmcb.c(443): ssl_scache_shmcb_retrieve (0xfe ->
subcache 30)
[debug] ssl_scache_shmcb.c(798): shmcb_subcache_retrieve found no match
[debug] ssl_scache_shmcb.c(458): leaving ssl_scache_shmcb_retrieve
successfully
[debug] ssl_engine_kernel.c(2624): Inter-Process Session Cache: request=GET
status=MISSED
id=FEF6CFEBB06C5ED58058892740B018EFE7827C8508B5FF905D62D1B70040B581
(session renewal)

Can you please clarify the following

1. is this expected behavior?
2. if not, what could be the issue


Thanks & Regards,
Venkat.