Question & Answer
Question
What is SSL session caching of DataPower? What is the meaning of Server-side Session Caching, Server-side Session Timeout and Server-side Session Cache Size? Will it affect SSL renegotiation?
Answer
There are three SSL session caching-related options in SSL proxy profile:
The Server-side session timeout defines the timeout in seconds for each entry in the server-side session cache. The Server-side Session Cache Size defines the entry size of session cache.
To clarify the SSL Renegotiation behavior by version, see How do I enable insecure SSL Renegotiation in an IBM WebSphere DataPower SOA Appliance Service.
When the SSL negotiation happens, the client and server will renegotiate ciphers, encryption/decryption keys, etc. A new entry will be created in the SSL session cache and the cached session will become invalid even though the entry is not timedout.
- Server-side Session Caching
- Server-side Session Timeout
- Server-side Session Cache Size
- There is an existing SSL Session ID for that client
- That session ID is cached and still valid.
The Server-side session timeout defines the timeout in seconds for each entry in the server-side session cache. The Server-side Session Cache Size defines the entry size of session cache.
To clarify the SSL Renegotiation behavior by version, see How do I enable insecure SSL Renegotiation in an IBM WebSphere DataPower SOA Appliance Service.
When the SSL negotiation happens, the client and server will renegotiate ciphers, encryption/decryption keys, etc. A new entry will be created in the SSL session cache and the cached session will become invalid even though the entry is not timedout.
[{"Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SS9H2Y","label":"IBM DataPower Gateway"},"ARM Category":[{"code":"a8m50000000CdoNAAS","label":"DataPower->Security (SE)->SSL"}],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Version(s)"}]
Was this topic helpful?
Document Information
Modified date:
08 June 2021
UID
swg21442571