Adam Crain
2016-03-12 18:16:20 UTC
Hi all,
I'm developing a server which requires client certificate validation.
My server accepts the first connection, and successfully performs the
handshake, and I receive the registered callbacks for each verified
certificate in the chain.
However, the 2nd time a connection is accepted, the handshake callback
returns an error code that serializes to "session id context uninitialized".
Some searching has revealed inconclusive results, but it appears to be
something related to OpenSSL expecting to reuse a previous session. Here's
the accept/handshake code:
https://github.com/automatak/dnp3/blob/gprs-mem-fix/cpp/libs/src/asiopal/tls/TLSServer.cpp#L84
Am I doing this correctly where each ssl::stream shares a single common
ssl::context? Is there an explicit way to disable session caching?
Regards,
Adam
--
J Adam Crain - Partner
<http://www.automatak.com>
PGP 4096R/E2984A0C <https://www.automatak.com/keys/jadamcrain.asc> 2013-05-03