I have installed nginx on multiple servers (our load balancers).
When i check my SSL installation with https://www.ssllabs.com/ I get A+ results for each server but the first server has always
Session resumption (caching) No (IDs assigned but not accepted)
while all other servers have
Session resumption (caching) Yes
All servers are configured automatically, so identical. I additionally checked the nginx configuration with
/usr/sbin/nginx -T > lb1.nginx
/usr/sbin/nginx -T > lb2.nginx
...
But there are no differences.
ssl_session is configured like this on every single server:
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:100m;
Now comes the interesting part:
I have ten load balancers and the first one is marked by ssllabs with 'session Resumption: No'.
Now I moved the IP Address of the first server to the second server. The first request of ssllabs which is now going to the second server and is showing 'session Resumption: No'. The second request which is going to the second server, too, is showing 'session Resumption: Yes'. But both queries are arriving at the same server.
It seems to me that ssl labs is doing something different with the first request.
Can there be any other reason why ssllabs shows NO session resumption only for the first request no matter to which server is "first"?
I think you need to add this configuration if you still dont have in you current configuration,
And are you sure that two servers have the same configuration? Please check with 'nginx -T' command, this command will show actual nginx configuration. If there is a difference between the result of command 'nginx -T' between two servers then the error is because you not reload your nginx configuration. Thanks