Hi, On Mon, Oct 7, 2013 at 7:58 PM, Ben Summers <[email protected]> wrote: > > Hello, > > I'm using Jetty 9.0.6.v20130930 with Java 1.7.0_40, and SSL session > resumption isn't working. > > If I do > > openssl s_client -reconnect -connect hostname:443 | grep Session-ID > > then the session ID is not constant, and external SSL checking tools confirm > session resumption doesn't work. > > I have tried calling setSessionCachingEnabled(true) on the SslContextFactory, > but this has no effect (as it is the default anyway). > > Session resumption used to work with Jetty 7. > > I would be very grateful for any debugging tips.
So, resumption is supposed to work out of the box if SSLEngine is created with the (host, port) pair, which we do. One possible problem can be due to the fact that the "host" is specified as IP address, while the full qualified name is needed, or viceversa. Usually, the server cannot reverse lookup the client, so on server side it's almost always an IP address. If you can debug, please verify what is being passed to SSLEngine in SslContextFactory.newSSLEngine() ? Also, a comparison between SslContextFactory for 7 and 9 tells something ? -- Simone Bordet ---- http://cometd.org http://webtide.com http://intalio.com Developer advice, training, services and support from the Jetty & CometD experts. Intalio, the modern way to build business applications. _______________________________________________ jetty-users mailing list [email protected] https://dev.eclipse.org/mailman/listinfo/jetty-users
