Disable SSL session IDs for session tracking

Disable SSL session IDs for session tracking

This configuration step applies only when delayed certificate authentication has been enabled. Disable the use of SSL session IDs to track session state. Verify the default "no" value for the ssl-id-sessions stanza entry in the WebSEAL configuration file:
[session] ssl-id-sessions = no
In this case, SSL IDs cannot be used to maintain user sessions because when the user is prompted for a certificate, the user's SSL ID will change. If ssl-id-sessions is set to "yes", WebSEAL generates an error message upon startup and shuts down.
Parent topic: Client-side certificate authentication