Sslsessioncache syntax error

If the following error is encountered in the error.log file:

[warn] Init: Session Cache is not configured [hint: SSLSessionCache]

This usually points to a distro breaking up SSL directives from the base SSL virtual host configuration. The default SSL configuration shipped with apache.org’s Apache package contains these SSL configurations along with a base virtual host configuration.

Make sure that your SSL configuration file gets loaded before your virtual host configuration file and contains a line that looks like:

SSLSessionCache        shmcb:/some/example/path/ssl_scache(512000)

For confirmation, use http://localhost/server-status to check the cache status.

Output should be similar to the following:

SSL/TLS Session Cache Status: <<BR>> 
cache type: SHMCB, shared memory: 512000 bytes, current sessions: 1[[BR]]
sub-caches: 32, indexes per sub-cache: 133[[BR]]
time left on oldest entries' SSL sessions: avg: 297 seconds, (range: 297...297)[[BR]]
index usage: 0%, cache usage: 0%[[BR]]
total sessions stored since starting: 1[[BR]]
total sessions expired since starting: 0[[BR]]
total (pre-expiry) sessions scrolled out of the cache: 0[[BR]]
total retrieves since starting: 1 hit, 1 miss[[BR]]
total removes since starting: 0 hit, 0 miss[[BR]]

If you do not get any session cache statistics on the server-status page then your SSL configuration is not correctly set.

To enable server-status, the following construct can be used in your Apache configuration file:

Example

<IfModule mod_status.c>
    #
    # Allow server status reports generated by mod_status,
    # with the URL of http://servername/server-status
    # Change the ".example.com" to match your domain to enable.
    #
    ExtendedStatus On 
    <Location /server-status>
        SetHandler server-status
        Order deny,allow
        Deny from all
        Allow from .example.com
    </Location>
</IfModule>

Problems on 64-bit Microsoft Windows

The following error may be encountered in the error.log file on a 64-bit version of Windows with the 32-bit version of Apache:

Syntax error on line 62 of C:/Program Files (x86)/Apache Software Foundation/Apache2.2/conf/extra/httpd-ssl.conf:
SSLSessionCache: Invalid argument: size has to be >= 8192 bytes

The offending line will be something like this:

SSLSessionCache "shmcb:C:/Program Files (x86)/Apache Software Foundation/Apache2.2/logs/ssl_scache(512000)"

Due to a parser error the «(x86)» in the path is mistakenly found when looking for the bracketed cache size parameter at the end. A work-around is to create a link to the Apache folder somewhere else and then replace the Apache folder of the above path with the path of that link. For example, create a link to
C:/Program Files (x86)/Apache Software Foundation

in your user folder as:

c:UsersmyusernameApache

and then use that path in the config file:

SSLSessionCache "shmcb:c:/Users/myusername/Apache/Apache2.2/logs/ssl_scache(512000)"

As an alternative under Vista/Windows 7/Server 2008/Server 2008 R2 64bit you can create a junction:

mklink /j "C:Program FilesApache Software FoundationApache2.2logs" "C:Program Files (x86)Apache Software FoundationApache2.2logs"

and then simply remove the (x86) from the path in the config file:

"shmcb:C:/Program Files/Apache Software Foundation/Apache2.2/logs/ssl_scache(512000)"

A less complex alternative is to use the 8.3 compatible short name for «Program Files (x86)» which can be found by running:

The short name will probably look like «PROGRA~2». The offending line can then be changed to:

SSLSessionCache "shmcb:C:/PROGRA~2/Apache Software Foundation/Apache2.2/logs/ssl_scache(512000)"

NOTE: The tilde (~) must be backslash escaped.

With the importance of HTTPS for security and SEO (according to Google), you need a development environment that lets you run your site locally on https. Unfortunately, right out of the box, WampServer only includes a parts of what you need to get your local web server running over https://localhost.

In this article, we will go over the exact steps you can follow to get HTTPS / SSL working on your Wamp Server. These instructions assume that you are installing the 64-bit version of WampServer for Windows to your c: drive. If not, just replace c: with d:. You may also need to change the version number in some of the paths depending on when you downloaded Wamp Server.

How to use WAMP + SSL to open localhost over https:

1. Download & install WampServer.
2. Open a command prompt (WindowsKey + R > cmd > click OK) and enter the following commands.
   cd c:wamp64binapacheapache2.4.27bin
   openssl genrsa -aes256 -out private.key 2048
   openssl rsa -in private.key -out private.key
   openssl req -new -x509 -nodes -sha1 -key private.key -out certificate.crt -days 36500 -config c:wamp64binapacheapache2.4.27confopenssl.cnf
   Note: You can pretty much answer the questions any way you want though real answers are best. The one question that really matters here is the FQDN. It should be: localhost.
3. Move the private.key and certificate.crt files from c:wamp64binapacheapache2.4.27bin to the c:wamp64binapacheapache2.4.27confkey folder. If the key folder doesn’t already exist, create it.
4. Using a text editor like Notepad, open c:wamp64binapacheapache2.4.27confhttpd.conf and un-comment following 3 lines:
   LoadModule ssl_module modules/mod_ssl.so
   Include conf/extra/httpd-ssl.conf
   LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
5. Using a text editor like Notepad, open c:wamp64binapacheapache2.4.27confextrahttpd-ssl.conf and apply the following changes:
   Below the line: <VirtualHost _default_:443>, check the following parameters to ensure they are configured correctly and not commented.
   ————————————-
   DocumentRoot «c:/wamp64/www»
   ServerName localhost:443
   ServerAdmin admin@example.com
   SSLSessionCache «shmcb:c:/wamp64/bin/apache/apache2.4.27/logs/ssl_scache(512000)»
   ErrorLog «c:/wamp64/bin/apache/apache2.4.27/logs/error.log»
   TransferLog «c:/wamp64/bin/apache/apache2.4.27/logs/access.log»
   SSLCertificateFile «c:/wamp64/bin/apache/apache2.4.27/conf/key/certificate.crt»
   SSLCertificateKeyFile «c:/wamp64/bin/apache/apache2.4.27/conf/key/private.key»
   ————————————-
6. Save the file and close it.
7. You are done. To check the validity of file, at the command prompt, enter:
   c:wamp64binapacheapache2.4.27binhttpd -t
   and then use your web browse to go to https://localhost/

From this point on, you should be able to start, stop and restart Wamp Server and SSL-HTTPS will continue to work.

Enjoy!

Michael Milette

The error ‘SSLSessionCache: ‘shmcb’ session cache not supported’ normally occurs after upgrading the Apache from 2.2. to 2.4 version.

Here at Bobcares, we have seen several such apache related errors as part of our Server Management Services for web hosts and online service providers.

Today we’ll take a look at the causes for this error and see the fix.

Facts about the error SSLSessionCache: ‘shmcb’ session cache not supported

mod_socache_shmcb is a shared object cache provider. It mainly provides for creation and access to a cache backed by a high-performance cyclic buffer inside a shared memory segment.

shmcb:/path/to/datafile(512000)

There was an upgrade available for Apache from 2.2 version to 2.4. When it was upgraded to 2.4, the WebServer didn’t start properly. As a result, it threw the below error message.

SSLSessionCache: ‘shmcb’ session cache not supported (known names: ). Maybe you need to load the appropriate socache module (mod_socache_shmcb?).

Different causes and fixes for the error ‘SSLSessionCache: ‘shmcb’ session cache not supported’

Now let’s take a look at the different causes of this error message. Also, we shall see how our Support Engineers fix them.

In Windows

Causes:

By default, the module mod_socache_shmcb is not enabled in apache 2.4. Whereas, in Apache 2.2, the following line is uncommented in apache/conf/httpd.conf by default.

LoadModule socache_shmcb_module modules/mod_socache_shmcb.so

But from the Apache 2.4, the above line is commented by default.

Solution:

-In order to fix this error message, we uncomment the above line in apache/conf/httpd.conf, by simply removing the # sign before it.

-Also, we ensure that the Apache 64 bit is installed if the OS is 64 bit.

-Verify that the servername present in the SSL configuration file matches the SSL certificate.

In Linux

Cause:

After upgrading to Apache 2.4, the module socache_shmcb.load might be missing in /etc/apache2/mods-enabled.

Solution:

In order to resolve this, we create a symbolic link pointing to the module. Then we enable it in /etc/apache2/mods-enabled by running the below command.

ln -s /etc/apache2/mods-available/socache_shmcb.load /etc/apache2/mods-enabled/

After that, it is necessary to restart the Apache. For that, you can run any of the below commands depending on your config.

service apache2 restart
/etc/init.d/apache2 restart
systemctl restart apache2
apache2 -k restart

In Plesk panel

Cause:

After upgrading the Apache version to 2.4, the configuration files were not completely switched.

Solution:

Check for the existence of custom templates in /usr/local/psa/admin/conf/templates folder. In case, if it exists then review all of them and change Include to IncludeOptional in every line that contain a wildcard.

However, if the custom templates are not available then change Include to IncludeOptional in every line that contains wildcard in the following files:

/etc/apache2/conf.d/zz010_psa_httpd.conf
/etc/apache2/plesk.conf.d/server.conf
/etc/apache2/plesk.conf.d/horde.conf

Make sure to enable and activate the following Apache modules

# a2enmod authz_core authz_host access_compat socache_shmcb slotmem_shm mpm_worker unixd php5 dir

[Need any assistance in fixing Apache errors? – We’ll help you]

Conclusion

In short, this error occurs after upgrading the Apache from 2.2. to 2.4 version. Today, we saw the different causes and its solution to this error.

var google_conversion_label = «owonCMyG5nEQ0aD71QM»;