Hello everyone! I have a webapp running on tomcat 7.0.92 with java 7 with APR/tomcat native 1.2.19 on RHEL 6
I've tested website(debug.ieml.ru) on which my webapp is running on ssllabs server test and one thing I've noticed is the orange warning line saying Session resumption (caching) No (IDs empty) which obviously means that session caching is not enabled So the question is how to enable it when using Apr tomcat connector documentation has sessionCacheSize attribute but it is for JSSE only and not APR Am I missing some other attribute which enables on APR connector or does this mean that APR doesn't use SSL session caching? Here is my connector from server.xml <Connector allowTrace="false" server=" " port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol" redirectPort="8443" SSLHonorCipherOrder="true" SSLCertificateFile="server.crt" SSLCertificateKeyFile="server.key" SSLCertificateChainFile="authorities.crt" SSLProtocol="TLSv1.2+TLSv1.3" maxThreads="350" minSpareThreads="25" SSLEnabled="true" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" compression="force" SSLCipherSuite="TLS_CHACHA20_POLY1305_SHA384,TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256,ECDHE-ECDSA-AES256-GCM-SHA384 ,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, ECDHE-ECDSA-AES256-GCM-SHA256,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-RSA-AES128-GCM-SHA256,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-AES256-SHA384,ECDHE-ECDSA-AES128-SHA256,ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES128-SHA,ECDHE-RSA-AES256-SHA"></Connector>