 |
 |
@wyang007 - you could reasonably argue that this and #750 are really issues with `XrdHttp` that are bypassed by `XrdLCMAPS`. - This ticket is caused because the session cache is not disabled in `XrdHttp`. `XrdLCMAPS` does this when it is loaded. - #750 is caused because the `SSL_CTX` object is loaded at initialization by `XrdHttp` and a corresponding `X509_STORE` is never refreshed. The `X509_STORE` pointer is passed from `XrdHttp` to the VOMS library and things blow up when VOMS attempts the CRL check (note the error message from #750 is from `libvomsapi`, not OpenSSL). `XrdLCMAPS` isn't affected because it doesn't use `XrdHttp`'s `X509_STORE` object periodically reloads its `X509_STORE` objects every 10 minutes (it also gets a bit clever in that is hashes the activity over 63 copies of the cert store so multiple threads don't have to share a single global mutex). -- You are receiving this because you commented. Reply to this email directly or view it on GitHub: https://github.com/xrootd/xrootd/issues/1177#issuecomment-613080475 ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-DEV list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1