5 Replies Latest reply: Mar 3, 2011 6:22 PM by EJP

    SSL session resumption

    844028
      Hi

      I tried to find out how to reuse an SSL session in Java, but I can't find it anywhere!

      Can anyone show me how to reuse it with an example? Thanks!
        • 1. Re: SSL session resumption
          EJP
          It happens automatically. You can control it a bit via the SSLSessionContext, where SSL sessions are stored.
          • 2. Re: SSL session resumption
            844028
            Hi EJP.
            Thanks for your good answer.

            I tried to use the session context as follows:
            SSLContext context = SSLContext.getInstance("TLSv1");
            KeyManager[] keyManagers = kmf.getKeyManagers();
            SSLSessionContext scontext = context.getServerSessionContext();
            scontext.setSessionTimeout(10);
            scontext.setSessionCacheSize(100);
            context.init(keyManagers, null, null);

            But I don't see it influence the SSL socket connections to my server! The SSLSession is not stored in SSLSessionContext!
            Maybe I'm not using it correctly. Can you tell me the right way to use it! Thanks!

            Edited by: 841025 on Mar 2, 2011 9:51 PM
            • 3. Re: SSL session resumption
              EJP
              > The SSLSession is not stored in SSLSessionContext!
              By what test?
              > Can you tell me the right way to use it!
              As I said above, you don't have to use it at all. It happens automatically.

              NB the SSL session timeout you are setting of 10 seconds is absurd: an hour or so would be more like it. And why the limit of 100 sessions? I would have a good look at the default values before playing around with them. FYI the defaults in JDK 1.6 are zero=infinite cache size and a timeout of 24 hours.
              • 4. Re: SSL session resumption
                844028
                Hi EJP
                Thanks for your quick replies!

                When the client was connecting to the server, I got the ids from scontext:

                Enumeration<byte[]> ids = scontext.getIds();
                System.out.print(ids.hasMoreElements());

                And the result is false at the print line.

                I set the size to 100 because I didn't know the default value.
                I set the timeout value to 10 because I wanted to see what happens when the time is out. But I don't see anything.
                Can you tell me why?

                Edited by: 841025 on Mar 2, 2011 10:43 PM
                • 5. Re: SSL session resumption
                  EJP
                  In JSSE the SSL session isn't created until the handshake is complete, which happens automatically when you do the first I/O on the SSLSocket, or when you get the SSLSession from the SSLSocket.
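
The timing described in the last reply can be observed directly. The following is an added example, not code from the thread: it prints the size of the server-side SSLSessionContext after accept() and again after the handshake, and reports whether a second client connection carries the same session ID as the first. It assumes JDK 8 or later and a test keystore/truststore supplied through the standard javax.net.ssl.keyStore, keyStorePassword, trustStore and trustStorePassword system properties; the class name and the TLSv1.2 / session-ticket settings are choices made for this example.

```java
import javax.net.ssl.*;
import java.util.*;

// Added example, not from the thread; key and trust material come from the javax.net.ssl.* system properties.
public class SessionCacheDemo {
    static int cached(SSLSessionContext c) {           // number of sessions currently in the cache
        return Collections.list(c.getIds()).size();
    }
    public static void main(String[] args) throws Exception {
        // Assumption: pin TLSv1.2 and turn session tickets off (properties are ignored by older
        // JDKs) so the server-side session-ID cache discussed in the thread is what gets used.
        System.setProperty("jdk.tls.server.enableSessionTicketExtension", "false");
        System.setProperty("jdk.tls.client.enableSessionTicketExtension", "false");
        SSLContext ctx = SSLContext.getDefault();
        SSLSessionContext serverCache = ctx.getServerSessionContext();
        SSLServerSocket listener = (SSLServerSocket) ctx.getServerSocketFactory().createServerSocket(0);
        listener.setEnabledProtocols(new String[] {"TLSv1.2"});
        int port = listener.getLocalPort();

        Thread client = new Thread(() -> {
            try {
                byte[] first = null;
                for (int i = 0; i < 2; i++) {          // same host and port, so the client offers its cached session
                    SSLSocket s = (SSLSocket) ctx.getSocketFactory().createSocket("localhost", port);
                    s.startHandshake();
                    byte[] id = s.getSession().getId();
                    if (first == null) first = id;
                    else System.out.println("client: same session id = " + Arrays.equals(first, id));
                    s.getOutputStream().write(1);
                    s.getInputStream().read();         // wait for the server's reply before closing
                    s.close();
                }
            } catch (Exception e) { e.printStackTrace(); }
        });
        client.start();

        for (int i = 0; i < 2; i++) {
            SSLSocket s = (SSLSocket) listener.accept();   // TCP only, no TLS handshake yet
            System.out.println("conn " + i + " after accept:    " + cached(serverCache) + " cached");
            s.startHandshake();                            // the SSLSession is created here
            System.out.println("conn " + i + " after handshake: " + cached(serverCache) + " cached");
            s.getInputStream().read();
            s.getOutputStream().write(1);
            s.close();
        }
        client.join();
        listener.close();
    }
}
```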