You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
hey there, i'm using ngx.ssl.session with memcached and want to implement distributed ssl session caching. i check that for every request ( when i open browser or send ctrl+F5 ) , new session id is coming from my browser to my openresty server so new key add to memcached and never cached sessions reused becuase session id is key of stored session object in memcached
also i'm using openssl 1.1.1f and openresty 1.21.4
what is my problem? can u help ?
thanks best regards
following is my openresty configuration
ssl_session_fetch_by_lua_block {
local ssl_sess = require "ngx.ssl.session"
local sess_id, err = ssl_sess.get_session_id()
if not sess_id then
ngx.log(ngx.ERR, "failed to get session ID: ", err)
return
end
local function retrieve_by_id(sess_id)
local memcached = require "resty.memcached"
local memc, err = memcached:new()
if not memc then
ngx.say("failed to instantiate memc: ", err)
return
end
memc:set_timeout(1000) -- 1 sec
local ok, err = memc:connect("127.0.0.1", 11211)
if not ok then
ngx.say("connection to memcache failed",err)
return
end
local ok, err = memc:get(sess_id)
return ok
end
local sess, err = retrieve_by_id(sess_id)
if not sess then
if err then
ngx.log(ngx.ERR, "failed to look up the session by ID ",sess_id, ": ", err)
return
end
return
end
local ok, err = ssl_sess.set_serialized_session(sess)
ngx.log(ngx.ERR, "setting session by value: ",sess)
if not ok then
ngx.log(ngx.ERR, "failed to set SSL session for ID ", sess_id, ": ", err)
return
end
}
ssl_session_store_by_lua_block {
local ssl_sess = require "ngx.ssl.session"
local sess_id, err = ssl_sess.get_session_id()
if not sess_id then
ngx.log(ngx.ERR, "failed to get session ID: ", err)
return
end
local sess, err = ssl_sess.get_serialized_session()
if not sess then
ngx.log(ngx.ERR, "failed to get SSL session from the ","current connection: ", err)
return
end
ngx.log(ngx.ERR, "getting session by value: ",sess)
local function my_save_ssl_session_by_id(sess_id, sess)
local memcached = require "resty.memcached"
local memc, err = memcached:new()
if not memc then
ngx.say("failed to instantiate memc: ", err)
return
end
memc:set_timeout(1000) -- 1 sec
local ok, err = memc:connect("127.0.0.1", 11211)
if not ok then
ngx.say("connection to memcached failed",err)
return
end
local ok, err = memc:set(sess_id, sess, 86400)
if not ok then
ngx.say("failed to set session and id on memcached: ",err)
return
end
return ok
end
local function save_it(premature, sess_id, sess)
local sess, err = my_save_ssl_session_by_id(sess_id, sess)
if not sess then
if err then
ngx.log(ngx.ERR, "failed to save the session by ID ", sess_id, ": ", err)
return ngx.exit(ngx.ERROR)
end
return
end
end
local ok, err = ngx.timer.at(0, save_it, sess_id, sess)
if not ok then
ngx.log(ngx.ERR, "failed to create a 0-delay timer: ", err)
return
end
}
server {
listen 443 ssl;
server_name test.com;
ssl_certificate /root/test.com-cert.pem;
ssl_certificate_key /root/test.com-key.pem;
location / {
proxy_pass http://somewhere;
}
}
}
`
The text was updated successfully, but these errors were encountered:
hey there, i'm using ngx.ssl.session with memcached and want to implement distributed ssl session caching. i check that for every request ( when i open browser or send ctrl+F5 ) , new session id is coming from my browser to my openresty server so new key add to memcached and never cached sessions reused becuase session id is key of stored session object in memcached
also i'm using openssl 1.1.1f and openresty 1.21.4
what is my problem? can u help ?
thanks best regards
following is my openresty configuration
`
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
lua_package_path '/usr/local/openresty/lua-resty-memcached/lib/?.lua;/usr/local/openresty/lualib/resty/?.lua;;';
}
`
The text was updated successfully, but these errors were encountered: