I am having errors noting the SSL Session Cache is set to NONE when applying UD17 to APPS9.
btw - http server will not start. Nodemanager, AdminServer & ManagedServer1 all start with no errors.
In review of chasing the rabbit through the log files I came across this
Syntax error on line 16 of D:/ifs/extsvr/ifsdev/instance/IFSDEV/conf/mod_wl_ohs_IFSDEV.conf:>
the .conf file is as follows with line 16 referencing yellow highlight
WLMaxWebSocketClients 450
LoadModule deflate_module "${ORACLE_HOME}/ohs/modules/mod_deflate.so"
<IfModule mod_deflate.c>
SetOutputFilter deflate
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \.pdf$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \.zip$ no-gzip dont-vary
</IfModule>
<IfModule ossl_module>
# Some MIME-types for downloading Certificates and CRLs
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLSessionCache none
SSLProxySessionCache off
<VirtualHost dvsapp18.cpk.chpk.com:58443>
ServerName dvsapp18.cpk.chpk.com:58443
DocumentRoot "D:\ifs\extsvr\ifsdev/instance/IFSDEV/www-root"
In review of httpd.apache it notes the following.
I looked up the SSL Session State in httpd.apache and found the following.
This configures the storage type of the global/inter-process SSL Session Cache. This cache is an optional facility which speeds up parallel request processing. For requests to the same server process (via HTTP keep-alive), OpenSSL already caches the SSL session information locally. But because modern clients request inlined images and other data via parallel requests (usually up to four parallel requests are common) those requests are served by different pre-forked server processes. Here an inter-process cache helps to avoid unnecessary session handshakes.
The following five storage types are currently supported:
none
This disables the global/inter-process Session Cache. This will incur a noticeable speed penalty and may cause problems if using certain browsers, particularly if client certificates are enabled. This setting is not recommended.
So my question is, during the install/reconfiguration there is an option to not use the default of SSLSessionCache None under the cipher protocol.
Should I uncheck such? If so, what else may need changed?
If I do not uncheck it, where do I look to resolve this error?
Is there a cipher suite that should be changed?
I set protocol to All just to see if this was an issue applying UD17. on APPS9
I appreciate the feedback.
Thank you