Page History

OpenSSL tends to allocate about 50KB of memory for each connection. Setting flag: "SSL_MODE_RELEASE_BUFFERS" can save around 34K per idle SSL connection. This flag has no effect on SSL v2 connections, or on DTLS connections. ref: http://www.openssl.org/docs/ssl/SSL_CTX_set_mode.html .

Default is 300 seconds. It's good to be configurable so that application can specify the threshold for the expiration of internal session and session ticket. Therefore, this is now configurable with the following configuration option:

CONFIG proxy.config.ssl.session_cache.timeout INT 0