How can this be monitored however? -----Original Message----- From: nginx <nginx-boun...@nginx.org> On Behalf Of Maxim Dounin Sent: Monday, March 16, 2020 8:33 AM To: nginx@nginx.org Subject: Re: SSL session cache full
** [EXTERNAL EMAIL]: Do not click links or open attachments unless you recognize the sender and know the content is safe. ** Hello! On Mon, Mar 16, 2020 at 12:36:21AM -0700, Frank Liu wrote: > I have a question after reading > https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftrac.nginx.org%2Fnginx%2Fticket%2F621&data=02%7C01%7Ceric.cox%40kroger.com%7C55d4953f99d1463d5b0408d7c9a63bc9%7C8331e14a91344288bf5a5e2c8412f074%7C0%7C0%7C637199588132799634&sdata=1oXIyqckAq1MsnmVYoskBJH8ixRGoWqkVcOiajUtkW8%3D&reserved=0 > . > When that alert is logged in error log, what will happen to the connection? > Will the client get an error (such as HTTP 4XX), or will it work as if > the server doesn't support session resumption? > As mentioned in comment3 in that ticket, for 2-way SSL clients, this > could happen more frequently, will nginx fail the 2-way SSL handshake > and give 4xx error? The error in question simply means the session won't be cached, so it cannot be resumed later. No SSL handshake or HTTP level errors will happen. -- Maxim Dounin https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fmdounin.ru%2F&data=02%7C01%7Ceric.cox%40kroger.com%7C55d4953f99d1463d5b0408d7c9a63bc9%7C8331e14a91344288bf5a5e2c8412f074%7C0%7C0%7C637199588132799634&sdata=gjfmvOiIz16HqBEFWRrunTUE4ihOQilCbL%2FRCMrkzWc%3D&reserved=0 _______________________________________________ nginx mailing list nginx@nginx.org https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fmailman.nginx.org%2Fmailman%2Flistinfo%2Fnginx&data=02%7C01%7Ceric.cox%40kroger.com%7C55d4953f99d1463d5b0408d7c9a63bc9%7C8331e14a91344288bf5a5e2c8412f074%7C0%7C0%7C637199588132799634&sdata=luC3%2FBJR2uJuG55O1UHl9FbxiwUP0QZ22nRHrf21kQ4%3D&reserved=0 ________________________________ This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain information that is confidential and protected by law from unauthorized disclosure. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
