Ok finally it was the combination of the flag you mention with other flags. Now everything works, thank you so much.
Alex. El dv., 24 jul. 2015 a les 9:51, Alex Soto (<asot...@gmail.com>) va escriure: > Hi I have tried to put SSLSessionTickets off to httpd.conf and > httpd-ssl.conf but the result is still the same. > > Regards, > Alex. > > El dj., 23 jul. 2015 a les 23:03, Yann Ylavic (<ylavic....@gmail.com>) va > escriure: > >> On Thu, Jul 23, 2015 at 3:50 PM, Alex Soto <asot...@gmail.com> wrote: >> > >> > It seems that everything is configured correctly since sometimes works. >> Have >> > you ever found something similar or knows what it can be happening? Do >> you >> > think that maybe the problem is on client (browser) side? >> > >> > We say that there is something in Apache Httpd since I have modified >> what >> > was printed in access_log file to print the ssl session id as second >> > parameter. And I get next: >> > >> > (LogFormat "%H %{SSL_SESSION_ID}e %h %l %u %t \"%r\" %>s %b") >> > >> > HTTP/1.1 - 172.17.42.1 - - [09/Jul/2015:09:15:06 +0000] "GET >> /hello/hello >> > HTTP/1.1" 200 89 >> >> This is because the SSL_SESSION_ID is not always available on the TLS >> side, when session tickets are used at first. >> >> It's up to the client to generate (or not) a session ID, which is only >> available on the first session resumption. >> >> https://tools.ietf.org/html/rfc5077#section-3.4 for the details. >> >> You may configure "SSLSessionTickets off" to disable session tickets >> management in TLS (using session IDs only). >> >> Regards, >> Yann. >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org >> For additional commands, e-mail: users-h...@httpd.apache.org >> >>