Welcome! Log In Create A New Profile

Advanced

RE: SSL session cache full

March 16, 2020 10:00AM
How can this be monitored however?

-----Original Message-----
From: nginx <nginx-bounces@nginx.org> On Behalf Of Maxim Dounin
Sent: Monday, March 16, 2020 8:33 AM
To: nginx@nginx.org
Subject: Re: SSL session cache full

** [EXTERNAL EMAIL]: Do not click links or open attachments unless you recognize the sender and know the content is safe. **

Hello!

On Mon, Mar 16, 2020 at 12:36:21AM -0700, Frank Liu wrote:

> I have a question after reading https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftrac.nginx.org%2Fnginx%2Fticket%2F621&amp;data=02%7C01%7Ceric.cox%40kroger.com%7C55d4953f99d1463d5b0408d7c9a63bc9%7C8331e14a91344288bf5a5e2c8412f074%7C0%7C0%7C637199588132799634&amp;sdata=1oXIyqckAq1MsnmVYoskBJH8ixRGoWqkVcOiajUtkW8%3D&amp;reserved=0 .
> When that alert is logged in error log, what will happen to the connection?
> Will the client get an error (such as HTTP 4XX), or will it work as if
> the server doesn't support session resumption?
> As mentioned in comment3 in that ticket, for 2-way SSL clients, this
> could happen more frequently, will nginx fail the 2-way SSL handshake
> and give 4xx error?

The error in question simply means the session won't be cached, so it cannot be resumed later. No SSL handshake or HTTP level errors will happen.

--
Maxim Dounin
https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fmdounin.ru%2F&amp;data=02%7C01%7Ceric.cox%40kroger.com%7C55d4953f99d1463d5b0408d7c9a63bc9%7C8331e14a91344288bf5a5e2c8412f074%7C0%7C0%7C637199588132799634&amp;sdata=gjfmvOiIz16HqBEFWRrunTUE4ihOQilCbL%2FRCMrkzWc%3D&amp;reserved=0
_______________________________________________
nginx mailing list
nginx@nginx.org
https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fmailman.nginx.org%2Fmailman%2Flistinfo%2Fnginx&amp;data=02%7C01%7Ceric.cox%40kroger.com%7C55d4953f99d1463d5b0408d7c9a63bc9%7C8331e14a91344288bf5a5e2c8412f074%7C0%7C0%7C637199588132799634&amp;sdata=luC3%2FBJR2uJuG55O1UHl9FbxiwUP0QZ22nRHrf21kQ4%3D&amp;reserved=0

________________________________

This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain information that is confidential and protected by law from unauthorized disclosure. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

SSL session cache full

Frank Liu March 16, 2020 03:38AM

Re: SSL session cache full

Maxim Dounin March 16, 2020 08:34AM

RE: SSL session cache full

systrex March 16, 2020 10:00AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 99
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready