SSLSessionCache
If the following error is encountered in the error.log file:
[warn] Init: Session Cache is not configured [hint: SSLSessionCache]
This usually points to a distro breaking up SSL directives from the base SSL virtual host configuration. The default SSL configuration shipped with apache.org's Apache package contains these SSL configurations along with a base virtual host configuration.
Make sure that your SSL configuration file gets loaded before your virtual host configuration file and contains a line that looks like:
SSLSessionCache shmcb:/some/example/path/ssl_scache(512000)
For confirmation, use http://localhost/server-status to check the cache status.
Output should be similar to the following:
SSL/TLS Session Cache Status: <<BR>> cache type: SHMCB, shared memory: 512000 bytes, current sessions: 1[[BR]] sub-caches: 32, indexes per sub-cache: 133[[BR]] time left on oldest entries' SSL sessions: avg: 297 seconds, (range: 297...297)[[BR]] index usage: 0%, cache usage: 0%[[BR]] total sessions stored since starting: 1[[BR]] total sessions expired since starting: 0[[BR]] total (pre-expiry) sessions scrolled out of the cache: 0[[BR]] total retrieves since starting: 1 hit, 1 miss[[BR]] total removes since starting: 0 hit, 0 miss[[BR]]
If you do not get any session cache statistics on the server-status page then your SSL configuration is not correctly set.
To enable server-status, the following construct can be used in your Apache configuration file:
Example
<IfModule mod_status.c>
#
# Allow server status reports generated by mod_status,
# with the URL of http://servername/server-status
# Change the ".example.com" to match your domain to enable.
#
ExtendedStatus On
<Location /server-status>
SetHandler server-status
Order deny,allow
Deny from all
Allow from .example.com
</Location>
</IfModule>
Problems on 64-bit Microsoft Windows
The following error may be encountered in the error.log file on a 64-bit version of Windows with the 32-bit version of Apache:
Syntax error on line 62 of C:/Program Files (x86)/Apache Software Foundation/Apache2.2/conf/extra/httpd-ssl.conf: SSLSessionCache: Invalid argument: size has to be >= 8192 bytes
The offending line will be something like this:
SSLSessionCache "shmcb:C:/Program Files (x86)/Apache Software Foundation/Apache2.2/logs/ssl_scache(512000)"
Due to a parser error the "(x86)" in the path is mistakenly found when looking for the bracketed cache size parameter at the end. A work-around is to create a link to the Apache folder somewhere else and then replace the Apache folder of the above path with the path of that link. For example, create a link to
C:/Program Files (x86)/Apache Software Foundation
in your user folder as:
c:\Users\myusername\Apache
and then use that path in the config file:
SSLSessionCache "shmcb:c:/Users/myusername/Apache/Apache2.2/logs/ssl_scache(512000)"
As an alternative under Vista/Windows 7/Server 2008/Server 2008 R2 64bit you can create a junction:
mklink /j "C:\Program Files\Apache Software Foundation\Apache2.2\logs" "C:\Program Files (x86)\Apache Software Foundation\Apache2.2\logs"
and then simply remove the (x86) from the path in the config file:
"shmcb:C:/Program Files/Apache Software Foundation/Apache2.2/logs/ssl_scache(512000)"
A less complex alternative is to use the 8.3 compatible short name for "Program Files (x86)" which can be found by running:
dir /x c:\
The short name will probably look like "PROGRA~2". The offending line can then be changed to:
SSLSessionCache "shmcb:C:/PROGRA\~2/Apache Software Foundation/Apache2.2/logs/ssl_scache(512000)"
NOTE: The tilde (~) must be backslash escaped.