httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Yann Ylavic <>
Subject Re: [users@httpd] SSL Session Id lost?
Date Thu, 23 Jul 2015 21:03:27 GMT
On Thu, Jul 23, 2015 at 3:50 PM, Alex Soto <> wrote:
> It seems that everything is configured correctly since sometimes works. Have
> you ever found something similar or knows what it can be happening? Do you
> think that maybe the problem is on client (browser) side?
> We say that there is something in Apache Httpd since I have modified what
> was printed in access_log file to print the ssl session id as second
> parameter. And I get next:
> (LogFormat "%H %{SSL_SESSION_ID}e %h %l %u %t \"%r\" %>s %b")
> HTTP/1.1 - - - [09/Jul/2015:09:15:06 +0000] "GET /hello/hello
> HTTP/1.1" 200 89

This is because the SSL_SESSION_ID is not always available on the TLS
side, when session tickets are used at first.

It's up to the client to generate (or not) a session ID, which is only
available on the first session resumption. for the details.

You may configure "SSLSessionTickets off" to disable session tickets
management in TLS (using session IDs only).


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message