Bug#880565: apache2: when SSLSessionTicketKeyFile is set then TLS Session ticket will be empty
Package: apache2
Version: 2.4.25-3+deb9u3
Severity: normal
Dear Maintainer,
the SSLSessionTicketKeyFile to a shared memory stored file syncronized between multiple server in order to permit
TLS session reuse between servers via session tickets, this configuration is worked fine in Jessie and also the same configuration is working on Buster
with all the logs activated apache says in the virtual hosts error.log that : AH02288: TLS session ticket key for ... successfully loaded from /dev/shm/...
If SSLSessionTicketKeyFile is not configured then the TLS session reuse via session tickets is working but that way is not possible
to syncronize the key used between servers
I would expect that this configurations is working also in Stretch.
-- Package-specific info:
-- System Information:
Debian Release: 9.2
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.9.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages apache2 depends on:
ii apache2-bin 2.4.25-3+deb9u3
ii apache2-data 2.4.25-3+deb9u3
ii apache2-utils 2.4.25-3+deb9u3
ii dpkg 1.18.24
ii init-system-helpers 1.48
ii lsb-base 9.20161125
ii mime-support 3.60
ii perl 5.24.1-3+deb9u2
ii procps 2:3.3.12-3
Versions of packages apache2 recommends:
ii ssl-cert 1.0.39
Versions of packages apache2 suggests:
pn apache2-doc <none>
pn apache2-suexec-pristine | apache2-suexec-custom <none>
ii lynx [www-browser] 2.8.9dev11-1
Versions of packages apache2-bin depends on:
ii libapr1 1.5.2-5
ii libaprutil1 1.5.4-3
ii libaprutil1-dbd-sqlite3 1.5.4-3
ii libaprutil1-ldap 1.5.4-3
ii libc6 2.24-11+deb9u1
ii libldap-2.4-2 2.4.44+dfsg-5+deb9u1
ii liblua5.2-0 5.2.4-1.1+b2
ii libnghttp2-14 1.18.1-1
ii libpcre3 2:8.39-3
ii libssl1.0.2 1.0.2l-2
ii libxml2 2.9.4+dfsg1-2.2+deb9u1
ii perl 5.24.1-3+deb9u2
ii zlib1g 1:1.2.8.dfsg-5
Versions of packages apache2-bin suggests:
pn apache2-doc <none>
pn apache2-suexec-pristine | apache2-suexec-custom <none>
ii lynx [www-browser] 2.8.9dev11-1
Versions of packages apache2 is related to:
ii apache2 2.4.25-3+deb9u3
ii apache2-bin 2.4.25-3+deb9u3
-- Configuration Files:
/etc/logrotate.d/apache2 changed [not included]
-- no debconf information
Reply to: