AnsweredAssumed Answered

Enabling session resumption in Apache 2.4.6

Question asked by cfmunster on Jul 31, 2013
Latest reply on Aug 2, 2013 by Ivan Ristić

Hi, I am running Apache 2.4.6 (compiled from source) on Debian 7. I have been using the SSLLabs tool to check my configuration, and it looks good except for the fact that session resume returns this:


Session resumption No (IDs empty)


I ran the suggested openssl test (openssl 1.0.1e) from this page:


$ openssl s_client -connect -reconnect -no_ticket | grep Session-ID


and the ids look good, so I seem to have a problem with my configuration. I tried disabling TLS v1.2, but that didn't work.


Here are some details of my Apache config:


SSLProtocol All -SSLv2 -SSLv3

SSLHonorCipherOrder On



SSLSessionCache        "shmcb:/opt/apache2/logs/ssl_scache(512000)"

SSLSessionCacheTimeout  300


and in httpd.conf


LoadModule socache_shmcb_module modules/



I have also tried dbm cache and that isn't working either, so I am wondering if it could be the issue with too many ciphers being used, or if I have another configuration issue. I have also considered the possibility that compiling Apache from source might require some configuration for session resumption that I missed.


Any help is appreciated.