Highly Restricted - Confidential Thanks for your prompt reply. Please find my response inline.
-----Original Message----- From: Christopher Schultz <ch...@christopherschultz.net> Sent: Wednesday, November 27, 2019 11:15 PM To: users@tomcat.apache.org Subject: Re: FW: tomcat creating new ssl session id for same session -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Rekha, On 11/27/19 05:15, rekha...@dell.com wrote: > I am using javax.servlet.request.ssl_session_id for session > validation. But tomcat creating new ssl session id and user session > validation is failing. How are you performing the validation? Rekha MS: Ssl_session_id is used for validation. What is the order-of-events that you are observing? Rekha MS : Ssl_session_id is same for some requests and then it changes after some time. What version of Tomcat, and what kind of <Connector> are you using? Rekha MS: Tomcat 8.5.15 , Nio connector(Http11NioProtocol to be specific) > Please let me know when tomcat creates new ssl session id and how by > mandate it to use same ssl session id for same user session TLS session ids must change periodically when certain renegotiations occur. This is actually a security feature. I'm not sure it is possible to disable it entirely Rekha MS: what triggers these renegotiations? - -chris -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl3etiEACgkQHPApP6U8 pFiKsg/+MSt/JOsbkOtL/x9z9RDV85HQtj3oQK6GQY5bp66ZTsZZugkwEbUdg8wb 3IDrw4qYuuyGs+PXqqjKwd76Td9EVWYBUEbtw3HPmOx2g0g3XsfTEgKetMRSyJrh Xh6vTFb9PPwlR1Lozv+OAkQXIradAZUXxHxWY6lcR1ox1X8A8VlnzTKA1oPBL+qk 1q6coOcNuhSJ2DjFFCmaBBp75qBQMFRvcIQacChQEfT1oFdFWkt22L8tmwLF3bKZ gb8Tc4ohDkwWZUeSeiq6p6dIN8LhK7q40rJH3akEwQJGrD3dPoSojwGiLKXvOMkj 2czFC4SdJ6MJnjxh57LvKlcxwIP+heEIpF1lscGjfZn+sSzzVDRLZkgkV0hXF4aG uDIKLvETzW88mE4ddfxHICf6IAsLcz6aSR2TaGlJdNgNnsbOooLJc6+cyoA3M1oc 1FpvyzSZsckKpA6KRKqOtNlvveDSgtrTr7EmgK0a2pjAiaq69zxttGfyyOwcKIQw aozuJBRH4mtP1HAT+4EKeUAUHtuPUXeGMJwoFa4MDMu2+HT9krIFB9kcixDuPy5k 6CFfPkXcVCN+XcChWYrI9HJ0vKRh0DzVVEB14RG/8V+oSXUM0+imJdC2I4QFBI0r y1ssOJkam+ZzP+fc5Mz1v/hbbLmX2Y1pe4d/FLNF91l+IXRsKOY= =J9i5 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org