Hey, I'm doing some research about SSL session tracking / SSL session IDs.

Now I'm having some problems when requests are sent to the server in quick succession. I notice the problem is fixed, or at least occurs less often, when the keepAlive server setting is set to 0. When the keepAliveTimeout is not set to "0", I can see in the SSL debug logs that the SSL session gets invalidated after some requests with a Broken Pipe exception. Is this because there are too many open connections during the keepAliveTimeout?

It also only happens when processing the requests takes some time (e.g. storing items in a database) or when I put the thread to sleep for testing purposes. When inspecting the traffic I see some TCP RST packets (problem is here?) from previous connections while the current one is being processed.

My question is why these SSL sessions get invalidated after a lot of quick requests to the server, since this gives a problem with my SSL session tracking because the ID changes then. I can provide a sample JSP project where the invalidation occurs if wanted.

PS: I'm running Tomcat 7 on Mac OS X Lion 10.7.4.

server.xml settings:

    <Connector port="8443"
               maxHttpHeaderSize="8192"
               maxThreads="150"
               keepAliveTimeout="0"
               scheme="https"
               secure="true"
               clientAuth="false"
               sslProtocol="SSLv3"
               SSLEngine="on"
               SSLEnabled="true"
               ciphers="TLS_RSA_WITH_AES_256_CBC_SHA"
               SSLCipherSuite="TTLS_RSA_WITH_AES_256_CBC_SHA"
               SSLHonorCipherOrder="true"
               keystoreFile="***"
               keystorePass="***"/>

Thanks in advance,
Vincent Goelen