The error, SSLSessionCache cannot occur within VirtualHost section trigger when SSLSessionCache directive is inside the VirtualHost section.

Here, at Bobcares, we assist our customers with several VirtualHost section queries as part of our Server Management Services.

Today, let us focus on the cause and an effective solution suggested by our Support Engineers in order to fix this error.

SSLSessionCache

SSLSessionCache is the file-based cache of established SSL sessions. When reestablishing a connection to the same server, using an SSL session cache can save some time, power, and bandwidth.

SSLSessionCache configures the storage type of the global/interprocess SSL Session Cache. This cache is an optional facility that speeds up parallel request processing.

It supports the following storage types:

• none

This is the default and just disables the global/interprocess Session Cache. There is no drawback in functionality, but a noticeable drop in speed penalty can result.

• dbm:/path/to/datafile

This makes use of a DBM hash file on the local disk to synchronize the local OpenSSL memory caches. The slight increase in I/O on the server results in a visible request speedup for our clients, so we recommend this type of storage.

• shm:/path/to/datafile[( size )]

This makes use of a high-performance hash table inside a shared memory segment in RAM to synchronize the local OpenSSL memory caches. This storage type is not available on all platforms.

Cause of SSLSessionCache cannot occur within VirtualHost section

On checking the validity of the apache configuration file using httpd -t, the following error was received:

SSLSessionCache cannot occur within <VirtualHost> section

This triggers when the SSLSessionCache is inside the VirtualHost and since it does not usually allow the same.

Solution for SSLSessionCache cannot occur within VirtualHost section

In order to solve this error, our Support Techs define SSLSessionCache outside the VirtualHost section.

For example,

Listen 443

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache “shmcb:Z:/wamp/bin/apache/Apache2.2.11/logs/ssl_scache(512000)”
SSLSessionCacheTimeout 300
SSLMutex default

NameVirtualHost *:443

<VirtualHost *:443>
ServerName “bobcares.com”
DocumentRoot “Z:/wamp/www/”

SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCACertificatePath “Z:/wamp/OpenSSL/certs/”
SSLCACertificateFile “Z:/wamp/OpenSSL/certs/public.crt”
SSLCACertificateFile “Z:/wamp/OpenSSL/certs/ca.pem”
SSLCertificateKeyFile “Z:/wamp/OpenSSL/certs/ssl.key”
SSLCertificateChainFile “Z:/wamp/OpenSSL/certs/sub.class1.server.ca.pem”
</VirtualHost>

[Couldn’t solve the error? We are available 24*7]

Conclusion

To conclude, SSLSessionCache is a file-based cache of established SSL sessions. Today, we saw how our Support Engineers go about in order to fix this error.