TLS session resumption - Need a Domino Consultant? Call NotesMail +1 212-599-2048- HCLSoftware Business Partner

SECURING

TLS session resumption
TLS session resumption greatly improves performance when using TLS by recalling information from a previous successful TLS session negotiation to bypass the most computationally intensive parts of the TLS session key negotiation. HTTP is the protocol that benefits the most from TLS session resumption, but other Internet protocols may benefit as well.

By default, the server caches information from the 50 most recently negotiated sessions. This number can be modified by setting the variable SSL_RESUMABLE_SESSIONS in theNOTES.INI file. Increasing that number may improve performance on servers that tend to carry large numbers of concurrent TLS sessions.

TLS session resumption can be disabled by setting SSL_RESUMABLE_SESSIONS=1 on the server.

SSL_RESUMABLE_SESSIONS has no effect on the Notes® client. The client will cache the most recent TLS session.

Note: You cannot configure TLS sessions to time out and expire.

Parent topic: TLS security

Related concepts
NOTES.INI Settings

Help on Help

All Help Contents

Help on Help

All Help Contents