Table of Contents
Advertisement
By default, the maximum number of cached sessions is 500 and the caching timeout time is 3,600
seconds.
The process of the session parameters negotiation and session establishment by using the SSL
handshake protocol is quite complicated. SSL allows reusing the negotiated session parameters to
establish sessions. Therefore, the SSL server needs to maintain information about existing sessions.
Note that the number of sessions and the time that the session information will be maintained are
limited:
If the number of sessions in the cache reaches the maximum, SSL rejects to cache new sessions.
If a session exists in the cache for a period equal to the caching timeout time, SSL will remove the
information of the session.
Related commands: display ssl server-policy.
Examples
# Set the caching timeout time to 4,000 seconds and the maximum number of cached sessions to 600.
<Sysname> system-view
[Sysname] ssl server-policy policy1
[Sysname-ssl-server-policy-policy1] session timeout 4000 cachesize 600
ssl client-policy
Syntax
ssl client-policy policy-name
undo ssl client-policy { policy-name | all }
View
System view
Default Level
2: System level
Parameters
policy-name: SSL client policy name, a case-insensitive string of 1 to 16 characters, which cannot be
"a", "al" and "all".
all: Specifies all SSL client policies.
Description
Use the ssl client-policy command to create an SSL policy and enter its view.
Use the undo ssl client-policy command to remove a specified or all SSL client policies.
Related commands: display ssl client-policy.
Examples
# Create an SSL client policy named policy1 and enter its view.
<Sysname> system-view
[Sysname] ssl client-policy policy1
[Sysname-ssl-client-policy-policy1]
12-8
Advertisement
Chapters
Table of Contents
