23403 – SSLSessionCache: Session Cache is not configured

Bug 23403 - SSLSessionCache: Session Cache is not configured

Summary: SSLSessionCache: Session Cache is not configured

Status:	RESOLVED WONTFIX

Alias:	None

Product:	Apache httpd-2
Classification:	Unclassified
Component:	mod_ssl (show other bugs)
Version:	2.0.47
Hardware:	PC Linux

Importance:	P3 minor (vote)
Target Milestone:	---
Assignee:	Apache HTTPD Bugs Mailing List

URL:
Keywords:

Depends on:
Blocks:

Reported:	2003-09-25 07:11 UTC by Alex
Modified:	2006-02-17 03:50 UTC (History)
CC List:	1 user (show)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Alex 2003-09-25 07:11:14 UTC

Apache configuration:

./configure --prefix=/usr/local/apache  --sysconfdir=/etc/apache \
 --localstatedir=/var/apache --logfiledir=/var/log/apache \
 --runtimedir=/var/apache --proxycachedir=/var/apache \
 --enable-so  --enable-cgi --enable-cgid --enable-rewrite=static \
 --with-mpm=prefork --enable-vhost-alias --enable-speling=static \
 --enable-cache=static  --enable-file-cache=static \
 --enable-mem-cache=static \
 --enable-ssl=static --with-ssl=/usr/include/openssl


When you start apache2 without SSL (even though you compiled SSL support - see 
above), you get the following message in the error log:

[warn] Init: Session Cache is not configured [hint: SSLSessionCache]

To get rid of this message, one has to add "SSLSessionCache" directive in 
httpd.conf .
SSL.conf file (where SSLSessionCache should be located) is not processed.

Comment 1 Amit Athavale 2004-04-28 12:49:06 UTC

>> When you start apache2 without SSL (even though you compiled SSL support - see 
>> above), you get the following message in the error log:

Could you elaborate what do you mean by without SSL ?
(do you mean SSLEngine = off ?)

Comment 2 Olaf Lautenschlaeger 2005-03-02 13:49:28 UTC

(In reply to comment #1)
> Could you elaborate what do you mean by without SSL ?
> (do you mean SSLEngine = off ?)

The same thing happened to me after my Apache+mod_ssl already worked fine
(more or less out of the box, + providing self-signed cert and key and
invoking mod_ssl by having the "-D SSL" parameter set).

I erroneously issued "apache -k config", which I thought it will force Apache
to re-read the .conf files w/o restarting the service/daemon.

Instead, this command removed the "-D SSL" parameter from the registry settings
of the installed NT service, so that, after next machine reboot, Apache started
with loaded, but unconfigured mod_ssl.so (omitted reading the ssl.conf include
file).

The error msg seems to have warning character only - when you place a valid
SSLSessionCache directive somewhere in httpd.conf, the msg will disappear.

Check if "-D SSL" is still provided when you start the server. If not,
issuing an "apache -D SSL -n Apache2 -k config" will repair the damage.

Comment 3 Joe Orton 2006-02-17 12:50:28 UTC

This is an entirely harmless warning.  If you don't want to use mod_ssl, then
don't load mod_ssl, and you won't see the warning.