This discussion is archived
5 Replies Latest reply: Mar 3, 2011 4:22 PM by EJP RSS

SSL session resumption

844028 Newbie
Currently Being Moderated
Hi

I tried to find out how to reuse ssl session in java, but i dont find anywhere!

Can anyone show me how to reuse it in example. thanks!
  • 1. Re: SSL session resumption
    EJP Guru
    Currently Being Moderated
    It happens automatically. You can control it a bit via the SSLSessionContext, where SSL sessions are stored.
  • 2. Re: SSL session resumption
    844028 Newbie
    Currently Being Moderated
    hi EJP.
    Thanks for your good answer.

    I try to use the session context as following
    SSLContext context = SSLContext.getInstance("TLSv1");
    KeyManager[] keyManagers = kmf.getKeyManagers();
    SSLSessionContext scontext = context.getServerSessionContext();
    scontext.setSessionTimeout(10);
    scontext.setSessionCacheSize(100);
    context.init(keyManagers, null, null);

    but i don't see it influence the ssl socket connections to my server! The SSLSession is not store in SSLSessionContext!
    Maybe i don't use it rightly. Can u tell the the right way to use it! thanks!

    Edited by: 841025 on Mar 2, 2011 9:51 PM
  • 3. Re: SSL session resumption
    EJP Guru
    Currently Being Moderated
    The SSLSession is not store in SSLSessionContext!
    By what test?
    Can you tell the the right way to use it!
    As I said above, you don't have to use it at all. It happens automatically.

    NB the SSL session timeout you are setting of 10 seconds is absurd: an hour or so would be more like it. And why the limit of 100 sessions? I would have a good look at the default values before playing around with them. FYI the defaults in JDK 1.6 are zero=infinite cache size and a timeout of 24 hours.
  • 4. Re: SSL session resumption
    844028 Newbie
    Currently Being Moderated
    Hi EJP
    Thanks for your quick replies!

    When client was connecting to server, i get the ids from scontext:

    Enumeration<byte[]> ids = scontext.getIds();
    System.out.print(ids.hasMoreElements());

    And the result is false at print line.

    I set the size is 100 because i don't know the default value.
    I set the time-out value is 10 because i want to see what happen when time is out. But i don't see any thing.
    Can you tell me why?

    Edited by: 841025 on Mar 2, 2011 10:43 PM
  • 5. Re: SSL session resumption
    EJP Guru
    Currently Being Moderated
    In JSSE the SSL session isn't created until the handshake is complete, which happens automatically when you do the first I/O on the SSLSocket, or when you get the SSLSession from the SSLSocket.

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points