Hi, (This time I might remember to set a subject field....) I am runing Apache/1.3.12 mod_ssl/2.6.6 OpenSSL/0.9.5a) running on 64bit HPUX 11.00. I continue to have issues with session caching. I have logging below that shows the behaviour. Basically it shows a session (SET) and a MISS about a minute later. All I can see is the pid's of the threads are different, so it apears that one of the threads cannot get a session from the gdbm database (?). I am using gdbm 1.8 if this is relevent. a grep on MISSED in the logs show that all httpd threads have MISSED the cache at some stage. I've noticed that the protocol used (sslv3/tls) doesn't appear to have a bearing on the gdbm misses. Because we are using user certs, this is making the access to the website unpleasant (to say the least :) Any ideas?? Here are the logs, (note all are within 1 minute - I've removed the times to make it more legible. [ 04452] [trace] Certificate Verification: depth: 3, subject: /O=xxx [ 04452] [trace] Certificate Verification: depth: 2, subject: /C=xxx [ 04452] [trace] Certificate Verification: depth: 1, subject: /C=xxx [ 04452] [trace] Certificate Verification: depth: 0, subject: /C=xxxTEST2/Email=xxx@workcover. [ 04452] [trace] OpenSSL: Loop: SSLv3 read client certificate A [ 04452] [trace] OpenSSL: Loop: SSLv3 read client key exchange A [ 04452] [trace] OpenSSL: Loop: SSLv3 read certificate verify A [ 04452] [trace] OpenSSL: Loop: SSLv3 read finished A [ 04452] [trace] OpenSSL: Loop: SSLv3 write change cipher spec A [ 04452] [trace] OpenSSL: Loop: SSLv3 write finished A [ 04452] [trace] OpenSSL: Loop: SSLv3 flush data [ 04452] [trace] Inter-Process Session Cache: request=SET status=OK id=4259EB615AAD42EC44217EC51E5EB76EE703B9D7F0042BA6BE81311C453AF43E timeout=3582s (session caching) [ 04452] [trace] OpenSSL: Handshake: done [ 04452] [info] Connection: Client IP: 172.20.11.220, Protocol: TLSv1, Cipher: RC4-MD5 (128/128 bits) [ 04452] [info] Initial (No.1) HTTPS request received for child 9 (server aaa.com:443) [ 04452] [info] Connection to child 9 closed with unclean shutdown (server aaa.com:443, client 172.20.11.220) [ 04437] [info] Connection to child 7 established (server aaa.com:443, client 172.20.11.220) [ 04437] [info] Seeding PRNG with 1160 bytes of entropy [ 04437] [trace] OpenSSL: Handshake: start [ 04437] [trace] OpenSSL: Loop: before/accept initialization [ 04437] [trace] Inter-Process Session Cache: request=GET status=MISSED id=4259EB615AAD42EC44217EC51E5EB76EE703B9D7F0042BA6BE81311C453AF43E (session r enewal) [ 04437] [trace] OpenSSL: Loop: SSLv3 read client hello A [ 04437] [trace] OpenSSL: Loop: SSLv3 write server hello A [ 04437] [trace] OpenSSL: Loop: SSLv3 write certificate A [ 04437] [trace] OpenSSL: Loop: SSLv3 write certificate request A [ 04437] [trace] OpenSSL: Loop: SSLv3 flush data [ 04437] [trace] Certificate Verification: depth: 3, subject: /O=xxx [ 04437] [trace] Certificate Verification: depth: 2, subject: /C=xxx [ 04437] [trace] Certificate Verification: depth: 1, subject: /C=xxx [ 04437] [trace] Certificate Verification: depth: 0, subject: /C=xxxTEST2/Email=xxx@workcover. [ 04437] [trace] OpenSSL: Loop: SSLv3 read client certificate A [ 04437] [trace] OpenSSL: Loop: SSLv3 read client key exchange A [ 04437] [trace] OpenSSL: Loop: SSLv3 read certificate verify A [ 04437] [trace] OpenSSL: Loop: SSLv3 read finished A [ 04437] [trace] OpenSSL: Loop: SSLv3 write change cipher spec A [ 04437] [trace] OpenSSL: Loop: SSLv3 write finished A [ 04437] [trace] OpenSSL: Loop: SSLv3 flush data [ 04437] [trace] Inter-Process Session Cache: request=SET status=OK id=52FB708EC0BEBD2E88D7211C3E8B2C0702C1BA7A8919F674CBE3F8022EFCA563 timeout=3595s (session caching) [ 04437] [trace] OpenSSL: Handshake: done [ 04437] [info] Connection: Client IP: 172.20.11.220, Protocol: TLSv1, Cipher: RC4-MD5 (128/128 bits) [ 04437] [info] Initial (No.1) HTTPS request received for child 7 (server xxx.com:443) [ 04437] [info] Connection to child 7 closed with unclean shutdown (server xxx.com:443, client 172.20.11.220) [ 04430] [info] Connection to child 0 established (server xxx.com:443, client 172.20.11.220) [ 04430] [info] Seeding PRNG with 1160 bytes of entropy [ 04430] [trace] OpenSSL: Handshake: start [ 04430] [trace] OpenSSL: Loop: before/accept initialization [ 04430] [trace] Inter-Process Session Cache: request=GET status=MISSED id=52FB708EC0BEBD2E88D7211C3E8B2C0702C1BA7A8919F674CBE3F8022EFCA563 (session r enewal) [ 04430] [trace] OpenSSL: Loop: SSLv3 read client hello A etc. *************************************************************************** This message and any attachments is/are intended for the person/s to whom it was addressed. It may contain privileged or confidential information. If you have received this message in error, please notify the sender promptly and destroy the message without copying it or divulging its contents to any person. *************************************************************************** ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
