On Mon, Mar 25, 2002 at 05:47:04PM -0000, Bray, Mike wrote:
> Can anyone help by explaining how the session cache works?  We have a web
> site supported by two servers using a content switch to load balance.  The
> content switch goes sticky on SSL id.  We are discovering that when two
> people use SSL at the same time that towards the end of the SSL session the
> content switch suddenly routes one session to the other machine thus causing
> an error because the machine doesn't know anything about the session.
> 
> I have looked at the ssl_engine logs and found that it wants to give a
> session a new id even though the user is sending requests within the
> SSLCacheTimeout time.

and you're absolutely sure that it is not hte client that has requested
a new session? MSIE usually cuts sessions after a couple of minutes 
(the length varies with the browser and ssl version)
> 
> Does the time out last from the start of the session to the end or does it
> last from request to request?

It should last from the start of the session until the timeout, but the
client can cut it short.

> Does the browser affect what happens? 

Ues, see above.

> I have seen discussion about
> nokeepalive with MSIE.  Would this affect it?
> 
I don't think so.

vh

Mads Toftum
-- 
With a rubber duck, one's never alone.
              -- "The Hitchhiker's Guide to the Galaxy"
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to