diff --git a/ChangeLog b/ChangeLog
index b0838206..cd93f668 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+05/08/2021
+- store timestamps in session in seconds to avoid string conversion problems on some (libapr-1)
+  platform build/run combinations, causing "maximum session duration exceeded" errors
+- bump to 2.4.8.2
+
 05/07/2021
 - add OIDCClientTokenEndpointKeyPassword option to allow the use of an encrypted private key
 - release 2.4.8.1
diff --git a/configure.ac b/configure.ac
index 8d318315..039a3c09 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
-AC_INIT([mod_auth_openidc],[2.4.8.1],[hans.zandbelt@zmartzone.eu])
+AC_INIT([mod_auth_openidc],[2.4.8.2],[hans.zandbelt@zmartzone.eu])
 
 AC_SUBST(NAMEVER, AC_PACKAGE_TARNAME()-AC_PACKAGE_VERSION())
 
diff --git a/src/session.c b/src/session.c
index 5b22f981..b6e0739f 100644
--- a/src/session.c
+++ b/src/session.c
@@ -480,7 +480,7 @@ static void oidc_session_set_timestamp(request_rec *r, oidc_session_t *z,
 		const char *key, const apr_time_t timestamp) {
 	if (timestamp != -1)
 		oidc_session_set(r, z, key,
-				apr_psprintf(r->pool, "%" APR_TIME_T_FMT, timestamp));
+				apr_psprintf(r->pool, "%" APR_TIME_T_FMT, apr_time_sec(timestamp)));
 }
 
 static json_t *oidc_session_get_str2json(request_rec *r, oidc_session_t *z,
@@ -505,7 +505,7 @@ static apr_time_t oidc_session_get_key2timestamp(request_rec *r,
 	const char *s_expires = oidc_session_get_key2string(r, z, key);
 	if (s_expires != NULL)
 		sscanf(s_expires, "%" APR_TIME_T_FMT, &t_expires);
-	return t_expires;
+	return apr_time_from_sec(t_expires);
 }
 
 void oidc_session_set_filtered_claims(request_rec *r, oidc_session_t *z,