SSL session migration
I configured my tomcat (6.0.29) cluster "by the book", using only the NIO HTTP connector load balanced by httpd mod_proxy_balancer (HTTP/HTTPS). When using HTTP, i can kill servers and still use my session perfecty. When using HTTPS t开发者_如何转开发he session is lost on failover.
Anyone had this kind of problem or can give me a hint to where i should debug this? The logs show no errors. My current connector looks like this:
<Connector port="8080"
protocol="org.apache.coyote.http11.Http11NioProtocol"
connectionTimeout="5000"
maxThreads="500"
minSpareThreads="25"
maxSpareThreads="75"
acceptCount="10"
redirectPort="443"
proxyName="www.govdigital.com.br"
proxyPort="80" />
httpd proxy.conf:
#SSL
LoadModule ssl_module modules/mod_ssl.so
Listen 443
NameVirtualHost *:443
<VirtualHost _default_:443>
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
#Certificate, PK and CA Bundle
SSLCertificateFile /srv/httpd/exported-pem.crt
SSLCertificateKeyFile /srv/httpd/exported.key
SSLCACertificateFile /srv/httpd/cabundle.pem
</VirtualHost>
#Proxy
ProxyRequests Off
ProxyPass / balancer://mycluster/ stickysession=JSESSIONID|jsessionid
ProxyPassReverse / balancer://mycluster/
<Proxy balancer://mycluster>
AddDefaultCharset Off
#Working nodes
BalancerMember http://10.1.1.2:8080 route=worker1
BalancerMember http://10.1.1.3:8080 route=worker2
</Proxy>
#Cache
CacheEnable disk /decorators
CacheEnable disk /scripts
CacheRoot /ram/cache/
CacheDirLevels 6
CacheDirLength 3
CacheMaxFileSize 1000000
CacheMinFileSize 1
#Agressive caching
CacheIgnoreCacheControl On
CacheIgnoreNoLastMod On
CacheIgnoreQueryString Off
CacheIgnoreHeaders None
CacheLastModifiedFactor 0.1
CacheDefaultExpire 3600
CacheMaxExpire 86400
CacheStoreNoStore On
CacheStorePrivate On
ErrorDocument 503 "Bad Servers<br/>No donuts for you"
thanks in advance :)
加载中,请稍侯......
精彩评论