66440 – The maximum effective value of SSLSessionCacheTimeout is 3600

Bug 66440 - The maximum effective value of SSLSessionCacheTimeout is 3600

Summary: The maximum effective value of SSLSessionCacheTimeout is 3600

Status:	NEW

Alias:	None

Product:	Apache httpd-2
Classification:	Unclassified
Component:	mod_ssl (show other bugs)
Version:	2.4.37
Hardware:	Other Linux

Importance:	P2 normal (vote)
Target Milestone:	---
Assignee:	Apache HTTPD Bugs Mailing List

URL:
Keywords:

Depends on:
Blocks:

Reported:	2023-01-23 13:42 UTC by zhenying.gu
Modified:	2023-04-11 13:21 UTC (History)
CC List:	1 user (show)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description zhenying.gu 2023-01-23 13:42:38 UTC

When SSLSessionCacheTimeout is set to a value less than or equal to 3600, and SSLVerifyClient is set to true, the log shows that the interval between mod_ssl's verifying the client certificate is the value of SSLSessionCacheTimeout.  When it is set to 5400 or lager, mod_ssl still verifies the client certificate every 3600 seconds.  

In addition, SSLSessionCacheTimeout defined in virtual host doesn't overwrite the value defined in ssl.conf.