On Thu, Aug 24, 2000 at 06:57:49AM +1000, Stanley Hopcroft wrote:
> Dear Ladies and Gentlemen,
>
> I am writing to say that it seems to me that when my SSL server proxies
> requests to an origin server, that each part of the requested page is
> fetched by a new SSL session (eg there are lots of [info] level
> messages in the SSL servers log about Seeding, Connection, and Initial
> HTTPS request. There are no Subsequent messages).
>
> In other words, that the SSL client is forced to handshake for each
> part of the page, or that there is no session caching.
>
> Is this correct ?
There is probably a bug in the SSL proxying code - there has been another
similar report not too long ago.
>
> Is it caused by the TCP connection not being kept alive between the
> SSL server and the origin server (because HTTP 1.0 does not support TCP
> session keepalives) ?
No, it is a problem with the sessions not being reused.
>
> Is there are any way to overcome it ?
>
Sure, just fix the code ;-)
Perhaps you could use an SSL tunnel[1] and the standard proxy functionality
in Apache.
[1] could be something like www.stunnel.org
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
