I am using SSLSessionCache dbm:/usr/local/apache/logs/ssl_cache. The dbm files are created but they remain empty when I attempt with client auth turned on. Where is the size limitation set on the caching of sessions? I do see the request=SET, status=BAD as you mentioned, which seems to indicate that Apache is never able to write to the file.
Jerrod -----Original Message----- From: Geoff Thorpe [mailto:[EMAIL PROTECTED] Sent: Friday, April 02, 2004 10:30 AM To: [EMAIL PROTECTED] Subject: Re: Problems with SSLSessionCache On April 2, 2004 09:52 am, Loyless Jerrod A Contr ESC/NI7S1 wrote: > > I am getting the following message each time my server tries to > > cache a session id in my dbm file: > > > > [31/Mar/2004 16:03:34 01122] [trace] Inter-Process Session Cache: > > request=SET status=BAD > > id=E05AA054474E712D1E59220EE8A07E46523457EC557ACF1730DB2B319931C106 > > timeout=1199s (session caching) > > > > I know I haven't given much information, but any ideas? > > > > I also get this when it tries to reuse a session: > > > > [31/Mar/2004 16:03:27 01120] [trace] Inter-Process Session Cache: > > request=GET status=MISSED > > id=6E353CAC3C6970AA0EC526304B7DBC97A6CC1451C014B39F9276342D1B870970 > > (session renewal) > > This only occurs when I turn on client authentication. It works fine > with plain ssl. That would indicate (probably) that the session is too big, as they include client certs in when client-auth is being used. You didn't mention which session cache type you're using - what's the SSLSessionCache directive in your config? Also, if you run with tracing on and you get a "GET/MISSED", can you check backwards from there for a log message with the same id byte-string, hopefully it's a "PUT/MISSED" or something like that, indicating that the session store failed. Cheers, Geoff -- Geoff Thorpe [EMAIL PROTECTED] http://www.geoffthorpe.net/ ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
