Hello
May I ask how to monitor nginx ssl-session-cache status
For instance:
How much ssl-session-cache has been used, how much left
How many Session-ID are saving
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
How can this be monitored however?
-Original Message-
From: nginx On Behalf Of Maxim Dounin
Sent: Monday, March 16, 2020 8:33 AM
To: nginx@nginx.org
Subject: Re: SSL session cache full
** [EXTERNAL EMAIL]: Do not click links or open attachments unless you
recognize the sender and know
Hello!
On Mon, Mar 16, 2020 at 12:36:21AM -0700, Frank Liu wrote:
> I have a question after reading https://trac.nginx.org/nginx/ticket/621 .
> When that alert is logged in error log, what will happen to the connection?
> Will the client get an error (such as HTTP 4XX), or will it work as if the
Hi,
I have a question after reading https://trac.nginx.org/nginx/ticket/621 .
When that alert is logged in error log, what will happen to the connection?
Will the client get an error (such as HTTP 4XX), or will it work as if the
server doesn't support session resumption?
As mentioned in comment3 i
Hello!
On Wed, Dec 16, 2015 at 01:59:05PM +0100, Frank Jansen wrote:
> SSL-Session-Cache isnot working on non-standard port.
>
> I tried the solutions mentioned in
> http://forum.nginx.org/read.php?2,152294,152294
>
> - configuring ssl_session_cache outside of server bloc
SSL-Session-Cache isnot working on non-standard port.
I tried the solutions mentioned in
http://forum.nginx.org/read.php?2,152294,152294
- configuring ssl_session_cache outside of server blocks
- configuring ssl_session_cache inside every server block
But the cache is only working on vhosts
Thank you, Maxim, for your reply.
> It's not really a big deal though, as
> ssl_session_cache with builtin cache was available all the time,
> and there is no serious difference as it's not possible to use
> multiple worker processes on Windows.
Based on that statement I will not bother with th
Hello!
On Fri, May 15, 2015 at 12:30:11PM -0700, Igal @ Lucee.org wrote:
> hi,
>
> I know that in the past the directive:
>
> ssl_session_cache shared:SSL:1m;
>
> did not work on Windows.
>
> in nginx 1.9.0 I see "*) Feature: shared memory can now be used on
> Windows versions with addr
hi,
I know that in the past the directive:
ssl_session_cache shared:SSL:1m;
did not work on Windows.
in nginx 1.9.0 I see "*) Feature: shared memory can now be used on
Windows versions with address space layout randomization."
does that mean that ssl_session_cache can be used on Windows
Hey,
> Maybe SSL_CTX_set_timeout() should be moved to the beginning of
> ngx_ssl_session_cache() then.
http://hg.nginx.org/nginx/rev/767aa37f12de
Best regards,
Piotr Sikora
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listin
Hello,
>From http://tools.ietf.org/html/rfc5077#section-3.4, I think Session Tickets
and Session ID do not work for one connection at the same time. If the
client supports Tickets, then Session ID (or the session cache) will not
work.
Am I right? In my test, the 2 callbacks ngx_ssl_new_sess
fbf6a98ce29f3f860782a1ebd7e6cf
> > # Parent 734f0babfc133c2dc532f2794deadcf9d90245f7
> > Core: slab log_nomem flag.
> >
> > The flag allows to suppress "ngx_slab_alloc() failed: no memory" messages
> > from a slab allocator, e.g., if an LRU expiration is us
uppress "ngx_slab_alloc() failed: no memory" messages
> from a slab allocator, e.g., if an LRU expiration is used by a consumer
> and allocation failures aren't fatal.
>
> The flag is now set in the SSL session cache code, and in the limit_req
> module.
>
&g
suppress "ngx_slab_alloc() failed: no memory" messages
> > from a slab allocator, e.g., if an LRU expiration is used by a consumer
> > and allocation failures aren't fatal.
> >
> > The flag is now set in the SSL session cache code, and in the limit_req
> &
ag.
>
> The flag allows to suppress "ngx_slab_alloc() failed: no memory" messages
> from a slab allocator, e.g., if an LRU expiration is used by a consumer
> and allocation failures aren't fatal.
>
> The flag is now set in the SSL session cache code, and in the li
ation failures aren't fatal.
The flag is now set in the SSL session cache code, and in the limit_req
module.
diff --git a/src/core/ngx_slab.c b/src/core/ngx_slab.c
--- a/src/core/ngx_slab.c
+++ b/src/core/ngx_slab.c
@@ -129,6 +129,7 @@ ngx_slab_init(ngx_slab_pool_t *pool)
pool-&g
izel wrote:
>> > > > >
>> > > > > > Hi,
>> > > > > > currently SSL session lifetime and SSL ticket lifetime are
>> equal in
>> > > > > nginx.
>> > > > > >
>> > > > > > If we use session ticket
> > > If we use session tickets with big enough lifetime (12hrs), we
> get a
> > > lot
> > > > > of
> > > > > > error log messages while allocating new sessions in shared
> memory:
> > > > > >
> > > > > > 2014/03/18 1
t; > nginx.
> > > > >
> > > > > If we use session tickets with big enough lifetime (12hrs), we get a
> > lot
> > > > of
> > > > > error log messages while allocating new sessions in shared memory:
> > > > >
> > > > &
etime are equal in
> > > nginx.
> > > >
> > > > If we use session tickets with big enough lifetime (12hrs), we get a
> lot
> > > of
> > > > error log messages while allocating new sessions in shared memory:
> > > >
> > > &g
error log messages while allocating new sessions in shared memory:
> > >
> > > 2014/03/18 13:36:08 [crit] 18730#0: ngx_slab_alloc() failed: no memory in
> > > SSL session shared cache "SSL"
> > >
> > > We don't want to increase session cach
> If we use session tickets with big enough lifetime (12hrs), we get a lot
> of
> > error log messages while allocating new sessions in shared memory:
> >
> > 2014/03/18 13:36:08 [crit] 18730#0: ngx_slab_alloc() failed: no memory in
> > SSL session shared cache "SSL
n shared memory:
>
> 2014/03/18 13:36:08 [crit] 18730#0: ngx_slab_alloc() failed: no memory in
> SSL session shared cache "SSL"
>
> We don't want to increase session cache size b/c working with it is a
> blocking operation and I believe it doesn't work good
SSL session shared cache "SSL"
We don't want to increase session cache size b/c working with it is a
blocking operation and I believe it doesn't work good enought in our
network scheme.
As I can see - those messages are generated by ngx_slab_alloc_pages() even
if session wa
Hello!
On Sun, Mar 09, 2014 at 12:23:23PM +0100, Lukas Tribus wrote:
> Hi Maxim,
>
>
> > You've changed SSL session timeout from 10 minutes to 24 hours,
> > and this basically means that sessions will use 144 times more
> > space in session cache. On t
Hi Maxim,
> You've changed SSL session timeout from 10 minutes to 24 hours,
> and this basically means that sessions will use 144 times more
> space in session cache. On the other hand, cache size wasn't
> changed - so you've run out of space in the cache configured.
Hello!
On Tue, Mar 04, 2014 at 09:22:48AM +0100, Alex wrote:
> Hi!
>
> On 2014-03-03 18:45, Maxim Dounin wrote:
> > Note well that configuring ssl_buffer_size to 1400 isn't a good
> > idea unless you are doing so for your own performance testing.
> > See previous discussions for details.
>
>
Hi!
On 2014-03-03 18:45, Maxim Dounin wrote:
> Note well that configuring ssl_buffer_size to 1400 isn't a good
> idea unless you are doing so for your own performance testing.
> See previous discussions for details.
Maxim, I remember the discussion that was started by Ilya. From what I
underst
not add new SSL session to the
> session cache while SSL handshaking
>
> Any ideas on why these alerts would now be showing up? I am not
> sure how to address, or whether there should be cause for
> concern?
>
> NGiNX 1.5.10 w/ SPDY 3.1 # Previously 1.5.8, now including
On Mon, Dec 02, 2013 at 09:29:53PM +0400, Дмитрий Лабазнов wrote:
> Hi there,
> > If it is a cookie called "user", then something like
>
> > proxy_cache_key "$host$request_uri $cookie_user";
> yes cookie, what does it mean called "user" ?
> Users have a cookie session, and this strind do not wo
--- Original message ---
From: "Francis Daly"
Date: 2 December 2013, 19:21:29
> On Mon, Dec 02, 2013 at 09:18:06PM +0400, Дмитрий Лабазнов wrote:
>
> Hi there,
>
> > Could you plz some example ?
>
> What is a session?
>
> If it is a cookie called "user", then something like
>
> proxy_ca
On Mon, Dec 02, 2013 at 09:29:53PM +0400, Дмитрий Лабазнов wrote:
Hi there,
> > If it is a cookie called "user", then something like
>
> > proxy_cache_key "$host$request_uri $cookie_user";
> yes cookie, what does it mean called "user" ?
> Users have a cookie session, and this strind do not wor
> Hi there,
> Could you plz some example ?
> What is a session?
> If it is a cookie called "user", then something like
> proxy_cache_key "$host$request_uri $cookie_user";
> may work for you.
yes cookie, what does it mean called "user" ?
Users have a cookie session, and this strind do not work
On Mon, Dec 02, 2013 at 09:18:06PM +0400, Дмитрий Лабазнов wrote:
Hi there,
> Could you plz some example ?
What is a session?
If it is a cookie called "user", then something like
proxy_cache_key "$host$request_uri $cookie_user";
may work for you.
f
--
Francis Dalyfran...@d
Could you plz some example ?
2013/12/2 Francis Daly
> On Mon, Dec 02, 2013 at 03:47:42PM +0300, Дмитрий Лабазнов wrote:
>
> Hi there,
>
> > Hi, could anybody say, may i cache dynamic content for sessions isolate
> > from eache other ?
>
> http://nginx.org/r/proxy_cache_key
>
> Include something
On Mon, Dec 02, 2013 at 03:47:42PM +0300, Дмитрий Лабазнов wrote:
Hi there,
> Hi, could anybody say, may i cache dynamic content for sessions isolate
> from eache other ?
http://nginx.org/r/proxy_cache_key
Include something unique per session in the key.
f
--
Francis Dalyfran.
Hi, could anybody say, may i cache dynamic content for sessions isolate
from eache other ?
I have very hard sql, but it is show some results which very variative for
users, but some times users call this script many time in small period of
time, so i wana cache the results in small period for each
37 matches
Mail list logo
