I have enabled --ssl-sessions-use-cache but all tools I've used for testing showed that only tickets are supported, not session IDs. Maybe it requires some specific openssl version for IDs to work?
2014-03-31 17:10 GMT+02:00 Roberto De Ioris <[email protected]>: > > > Hi, > > > > there are 2 methods for SSL session caching: sessions IDs and session > > tickets (described here: > > > http://en.wikipedia.org/wiki/Transport_Layer_Security#Resumed_TLS_handshake > ) > > > > uWSGI uses only tickets, but docs ( > > http://uwsgi-docs.readthedocs.org/en/latest/SSLScaling.html) states it > > requires replicated cache for synchronizing sessions accross different > > uWSGI servers. > > But tickets are suppose to provide session resumption without the need to > > have server side session storage. > > > > > > When no caching is enabled (and configured to be used as session storage), > tickets are used. Otherwise tickets are disabled and sessions are used > instead. > > > Why supporting sessions if tickets already solve the issue ? Well, tickets > support less features than sessions, so if you can you should use them. > > I am not an ssl expert (but it looks like being an expert in this topic is > not a win currently ;) so this is only what i got. > > -- > Roberto De Ioris > http://unbit.it > _______________________________________________ > uWSGI mailing list > [email protected] > http://lists.unbit.it/cgi-bin/mailman/listinfo/uwsgi > -- Łukasz Mierzwa
_______________________________________________ uWSGI mailing list [email protected] http://lists.unbit.it/cgi-bin/mailman/listinfo/uwsgi
