Hi,
We use Apache 2.2.29 on. We have observed that sessions are enabled even though we configured to use ticket for the following scenario.
scenario:
1. configure server to use TLS tickets
2. generate a client certificate on server and export it to a browser(firefox/chrome)
2. try to access web page multiple times
Please note that issue does not occur if we dont use client certificates
configuration file :
# client certificate
SSLCACertificateFile "conf/ssl.crt/ca-rsa.crt"
# renegotiation and client certificate
<Location /temp>
SSLVerifyClient require
SSLVerifyDepth 2
</Location>
Log:
[debug] ssl_engine_kernel.c(2786): OpenSSL: Loop: SSLv3 write session ticket A
...
[debug] ssl_scache_shmcb.c(443): ssl_scache_shmcb_retrieve (0xfe -> subcache 30)
[debug] ssl_scache_shmcb.c(798): shmcb_subcache_retrieve found no match
[debug] ssl_scache_shmcb.c(458): leaving ssl_scache_shmcb_retrieve successfully
[debug] ssl_engine_kernel.c(2624): Inter-Process Session Cache: request=GET status=MISSED id=FEF6CFEBB06C5ED58058892740B018EFE7827C8508B5FF905D62D1B70040B581 (session renewal)
Can you please clarify the following
1. is this expected behavior?
2. if not, what could be the issue
Thanks & Regards,
Venkat.
