I have noticed that the variables ssl_session_id and ssl_session_reused
are
always empty for http2 traffic (and for spdy before that). Under http
1.1
they are set as expected and documented.
What’s the reason for this? Why not list the ID of the single connection
that is used for the multiplexing?
A big reason why I am logging both variables is to make sure that ssl
connections are being reused for http2 and to be able to check if the
ssl
cache
overruns. If the those two variables are not available, what do you
suggest
to use instead?
On Mon, Jun 13, 2016 at 03:00:16AM -0400, gitl wrote:
I have noticed that the variables ssl_session_id and ssl_session_reused are
always empty for http2 traffic (and for spdy before that). Under http 1.1
they are set as expected and documented.
What’s the reason for this? Why not list the ID of the single connection
that is used for the multiplexing?
A big reason why I am logging both variables is to make sure that ssl
connections are being reused for http2 and to be able to check if the ssl
cache
overruns. If the those two variables are not available, what do you suggest
to use instead?
The $ssl_session_id and $ssl_session_reused variables are
available with HTTP/2 much like with normal HTTP. There are
couple of nuances though:
in HTTP/2 connections are usually kept open for a long time, and you
aren’t likely to see actual SSL session reuse due to this - in most
cases you will see just another request in an already opened
connection.