Hi I have tried to put SSLSessionTickets off to httpd.conf and httpd-ssl.conf but the result is still the same.
Regards, Alex. El dj., 23 jul. 2015 a les 23:03, Yann Ylavic (<ylavic....@gmail.com>) va escriure: > On Thu, Jul 23, 2015 at 3:50 PM, Alex Soto <asot...@gmail.com> wrote: > > > > It seems that everything is configured correctly since sometimes works. > Have > > you ever found something similar or knows what it can be happening? Do > you > > think that maybe the problem is on client (browser) side? > > > > We say that there is something in Apache Httpd since I have modified what > > was printed in access_log file to print the ssl session id as second > > parameter. And I get next: > > > > (LogFormat "%H %{SSL_SESSION_ID}e %h %l %u %t \"%r\" %>s %b") > > > > HTTP/1.1 - 172.17.42.1 - - [09/Jul/2015:09:15:06 +0000] "GET /hello/hello > > HTTP/1.1" 200 89 > > This is because the SSL_SESSION_ID is not always available on the TLS > side, when session tickets are used at first. > > It's up to the client to generate (or not) a session ID, which is only > available on the first session resumption. > > https://tools.ietf.org/html/rfc5077#section-3.4 for the details. > > You may configure "SSLSessionTickets off" to disable session tickets > management in TLS (using session IDs only). > > Regards, > Yann. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > >