Fixed NGINX Error: could not allocate new session in SSL session shared cache “le_nginx_SSL” while SSL handshaking

A typical web server error with NGINX and Certbot, which I recently discovered in error.log:

[alert] 19765#19765: *151498 could not allocate new session in SSL session shared cache "le_nginx_SSL" while SSL handshaking, client: ip.ip.ip.ip, server: 0.0.0.0:443

It is an error that occurs sporadically, only in certain scenarios, and most often on high-traffic websites that receive a large number of requests.

As can be deduced from the name, “le_nginx_SSL” is responsible for the SSL sessions served for incoming requests. This is also the moment when the Let's Encrypt SSL certificate, installed on the server with the help of Certbot, is verified.

Why the NGINX error “could not allocate new session in SSL session shared cache 'le_nginx_SSL' while SSL handshaking” occurs

NGINX stores SSL sessions in shared memory so that they can be reused for each request from the browser. When the space allocated to the shared SSL cache is full and NGINX fails to free up space for a new session, this error message appears.

It is not a critical NGINX error, nor does it have a huge impact on the user experience. In fact, in error.log it is marked as “[alert]”.

How to fix NGINX error “could not allocate new session in SSL session shared cache 'le_nginx_SSL' while SSL handshaking”

When you install Certbot on a web server (CentOS, Ubuntu), several configuration files are created through which the new service responsible for SSL certificates (Let's Encrypt) communicates with NGINX. One of these files is options-ssl-nginx.conf. In this configuration file we can allocate more space for the shared SSL cache, or we can change the time after which an SSL session expires and is deleted automatically.

sudo nano /etc/letsencrypt/options-ssl-nginx.conf

In options-ssl-nginx.conf we can change the parameters, but be very careful, because the changes here will affect the renewal of SSL certificates.

ssl_session_cache shared:le_nginx_SSL:10m;
ssl_session_timeout 1440m;
ssl_session_tickets off;

ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers off;

We can change how long a session is stored in shared memory for “le_nginx_SSL”. I have allocated 10 MB for the shared SSL session cache, with a timeout of 1440 minutes (24 hours).

For high traffic sites it is recommended that the shared cache be increased, but a balance between traffic (number of sessions) and the amount of time a session will be stored is required.

In my case, I changed the value to "ssl_session_cache shared:le_nginx_SSL:15m".
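
The balance between cache size and session lifetime can be estimated before editing the file. The following Python sketch is an added example, not part of the original article and not code from NGINX or Certbot: it counts the alert per hour in error.log text and, assuming the NGINX documentation's figure of about 4000 sessions per megabyte, estimates how many new sessions per second the configured cache can hold for the full timeout. The function names and the sample log lines are constructed for illustration.

```python
import re
from collections import Counter

# Assumption: approximate figure given in the NGINX ssl_session_cache documentation.
SESSIONS_PER_MB = 4000

ALERT = re.compile(
    r'^(\d{4}/\d{2}/\d{2} \d{2}):\d{2}:\d{2} \[alert\] .*'
    r'could not allocate new session in SSL session shared cache "([^"]+)"')
# Only the k/m size suffixes and the s/m/h/d time suffixes are handled here.
CACHE = re.compile(r'^\s*ssl_session_cache\s+.*?shared:(\w+):(\d+)([kKmM])\s*;', re.M)
TIMEOUT = re.compile(r'^\s*ssl_session_timeout\s+(\d+)([smhd]?)\s*;', re.M)

# Constructed sample input (documentation IP addresses, invented timestamps).
SAMPLE_CONF = """\
ssl_session_cache shared:le_nginx_SSL:10m;
ssl_session_timeout 1440m;
"""
SAMPLE_LOG = """\
2024/01/10 09:58:01 [alert] 19765#19765: *151498 could not allocate new session in SSL session shared cache "le_nginx_SSL" while SSL handshaking, client: 192.0.2.10, server: 0.0.0.0:443
2024/01/10 09:59:40 [alert] 19765#19765: *151733 could not allocate new session in SSL session shared cache "le_nginx_SSL" while SSL handshaking, client: 192.0.2.11, server: 0.0.0.0:443
2024/01/10 10:02:13 [error] 19765#19765: *151801 open() "/var/www/html/favicon.ico" failed (2: No such file or directory), client: 192.0.2.12
2024/01/10 10:05:27 [alert] 19765#19765: *152004 could not allocate new session in SSL session shared cache "le_nginx_SSL" while SSL handshaking, client: 192.0.2.13, server: 0.0.0.0:443
"""

def alerts_per_hour(log_text):
    """Count cache-full alerts per (hour, cache zone) in error.log text."""
    hits = Counter()
    for line in log_text.splitlines():
        m = ALERT.match(line)
        if m:
            hits[(m.group(1), m.group(2))] += 1
    return hits

def cache_budget(conf_text):
    """Return (zone, approx. session capacity, timeout in s, new sessions/s the cache can hold)."""
    zone, size, unit = CACHE.search(conf_text).groups()
    megabytes = int(size) / (1024 if unit in "kK" else 1)
    t = TIMEOUT.search(conf_text)
    seconds = int(t.group(1)) * {"": 1, "s": 1, "m": 60, "h": 3600, "d": 86400}[t.group(2)]
    capacity = int(megabytes * SESSIONS_PER_MB)
    return zone, capacity, seconds, capacity / seconds

if __name__ == "__main__":
    print(cache_budget(SAMPLE_CONF))
    for (hour, zone), count in sorted(alerts_per_hour(SAMPLE_LOG).items()):
        print(hour, zone, count)
```

With the values shown in this article, 10m holds roughly 40000 sessions, which over a 24-hour timeout is less than one new session every two seconds; 15m raises the capacity to roughly 60000. Shortening ssl_session_timeout raises the sustainable rate in the same proportion.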

Passionate about technology, I enjoy writing on StealthSettings.com since 2006. I have a rich experience in operating systems: macOS, Windows, and Linux, as well as in programming languages and blogging platforms (WordPress) and for online stores (WooCommerce, Magento, PrestaShop).
