session

Use session to set the maximum number of sessions that the SSL server can cache and the timeout time for cached sessions.

Use undo session to restore the default.

Syntax

session { cachesize size | timeout time } *

undo session { cachesize | timeout } *

Default

The SSL server can cache a maximum of 500 sessions, and the timeout time for cached sessions is 3600 seconds.

Views

SSL server policy view

Predefined user roles

network-admin

mdc-admin

Parameters

cachesize size: Sets the maximum number of cached sessions, in the range of 100 to 20480.

timeout time: Sets the session cache timeout in the range of 1 to 4294967295 seconds.

Usage guidelines

The SSL server caches SSL sessions to reuse negotiated session parameters to simplify SSL handshake. Use this command to limit the maximum number and timeout time for cached sessions. When the number of cached sessions reaches the maximum, SSL does not cache new sessions. When the timeout timer for a cached session expires, SSL deletes the session.

Examples

# Set the maximum number of cached sessions to 600, and the timeout time for cached sessions to 1800 seconds.

<Sysname> system-view
[Sysname] ssl server-policy policy1
[Sysname-ssl-server-policy-policy1] session cachesize 600 timeout 1800

Related commands

display ssl server-policy