On Mon, Nov 22, 1999, Radovan Semancik wrote:
> > > > When I set up SSLVerifyClient optional in Location in Virtual host
> > > > context, server requests user certificate on evevry HTTPS request. It
> > > > seems like mod_ssl is iniciating re-negotiation on every request. Should
> > > > not that be chached and user cert requested only once per session?
> > >
> > > Some long hours later I found a solution ...
> > >
> > > Problem was in dbm libraries of solaris. mod_ssl seems not to work
> > > properly with them. The thing that confused me was that there was no
> > > error message in any log.
> > >
> > > When I compiled mod-ssl with built in SDMB it began to work OK.
> >
> > Because a failed cache lookup is not considered an error, of course.
> > But if you use "SSLLogLevel trace" you at least should be able
> > to recognize the constant failing lookups in your situation.
>
> But failed write to cache should be considere an error. I've checked
> database files (.dir, .pag) and they have length of 0.
Then the DBM storing doesn't work. Yes, you're right, mod_ssl should also
explicitly log an error if dbm_store() failed (it currently does only log
failed dbm_open). I've enhanced this for mod_ssl 2.4.9 now, too. But whether
your DBM storing doesn't work I don't know. Seems like a sensible vendor DBM
library. But now that it works with SDBM you don't have to care about it.
Alternatively you can also try the shared memory session cache (via MM
library).
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
