Forum Discussion
Jason_Keating
Altostratus
Altostratussession add ssl [SSL::sessionid]
My question is in regard to SSL::sessionid.
In the definition below (1) it is stated:
"Returns the current connection's SSL session ID if it exists in the session cache. If it does not exist in the cache, returns a string of 64 zeroes."
I am trying to use SSL::sessionid in an iRule modelled on (2) below. I am using SSL::sessionid as the key on a session (session add ssl [SSL::sessionid] $ssl_stuff $session_timeout). The trouble is, every entry in the session table has a key (aka SSL:sessionid) of 64 0's.
When does an SSL sessionid get added to the session cache, and where/what is the session cache?
Where can we find more detail on subjects such as the session cache, for example I'd really like to know more about 'session' and it's modes but do not see anything in the Wiki nor in askF5, is there a specification we can refer to ?
Regards J
(1) http://devcentral.f5.com/wiki/default.aspx/iRules/SSL__sessionid.html
(2) http://devcentral.f5.com/wiki/default.aspx/iRules/InsertCertInServerHeaders.html
2 Replies
hoolioCirrostratus
Hi J,
See this post for details on the 0 session IDs:
SSL::sessionid always returns zero?!
http://devcentral.f5.com/Default.aspx?tabid=53&aft=1874018740
It looks like the null session ID will occur on every attempt to retrieve SSL::sessionid if you set the client SSL profile to validate the client certificate always (instead of once). This kind of makes sense if you want to check the client cert on every request (and therefore don't ever want to add the session ID to the cache).
Aaron
Jason_KeatingAaron,
Thanks a million, you win my DevCentral contributor of the year award yet again !
Many of my countrymen are no longer confused ! (well three of us anyway)
If I had your address I would send you a chocolate fish (the greatest honor a New Zealand'er can bestow upon a person exhibiting greatness)
Thanks again
J
