Many Web browsers are currently implementing functionality that uses SSL sessions to simplify the handshake. Use the browser functionality and the SSL session management functionality to improve the efficiency of the SSL communication efficiency.
SSL session management method differs in UNIX and Windows versions. In UNIX version, a management server (gcache server) is used to manage the SSL session. The gcache server receives the information about the SSL session ID, validity period, and the session through the specified port and file, and manages the session. You can use the gcache server to share the data such as SSL session IDs between request processes of Cosminexus HTTP Server. In Windows version, the SSL session is managed based on the structure of the Web server without using the gcache server.
The gcache server starts if you enable SSL and specify directives that are required to start the gcache server, and start Cosminexus HTTP Server. SSL is enabled when either the SSLEnable directive is specified, or there is a host on which SSLDisable directive is not specified (including virtual host).
You need to specify the following directives to start the gcache server:
Note that if you stop the Web server, the gcache server also stops at the same time. If you restart the Web server, the gcache server stops once, and then restarts.
If you establish the SSL session, the information of that session is cached in the gcache server and Web server process. You can specify cache area size of the gcache server in the SSLSessionCacheSize directive, and the cache in the Web server process in the SSLSessionCacheSizePerChild directive.
When you set the SSLSessionCacheSize directive to 0, the SSL session is not managed.
The validity period of the SSL session is the time period that is lesser of two values; the value specified in the SSLSessionCacheTimeout directive, or the time taken by the cache size to reach the specified value of the SSLSessionCacheSize directive.
When the cache size reaches the value specified for the SSLSessionCacheSize directive, the oldest session information is deleted until memory sufficient to store new session information is secured.
You can reuse the cached session information to simplify the SSL handshake at the time of establishing the next session.
If you establish the SSL session, the session information is cached in Web server process. You can specify the cache area size in the SSLSessionCacheSize directive. When you set the SSLSessionCacheSize directive to 0, the SSL session is not managed.
The validity period of the SSL session is the time period that is lesser of two values; the value specified in the SSLSessionCacheTimeout directive or the time taken by the cache size to reach the specified value of the SSLSessionCacheSize directive.
You can reuse the cached session information to simplify the SSL handshake at the time of establishing the next session.