Reputation: 77349
When does HTTPS handshake take place?
I understand from various sources that the HTTPS handshake is the heaviest part of using HTTPS. I'm using POSTs internally between my servers to communicate information and would like to use HTTPS for it. I wondered how long the actual HTTPS handshake lasts/"stays open"? Is it re-done for each POST I'm sending to a server, or what is the lifetime?
Upvotes: 9
Views: 10840
Answers (3)
Reputation: 1962
The SSL handshake is only done at the beginning of a session and is mainly about generating a shared session key that is used to encrypt all later traffic.
You can find a very good description of the handshake here.
Upvotes: 12
Reputation: 8158
I don't know the particulars, but I'm sure the handshake is supposed to occur only when the session is started. It would be too expensive otherwise.
Edit: Here's a nice description of the process.
Upvotes: 0
Reputation: 6249
I believe the handshake occurs on connection (ie, as part of the SSL negotiation). It you use HTTP keep-alive connections then the handshake only occurs once as long as the connection is active.
Upvotes: 2
Related Questions
- How dose the client securely sends secert to server before encrypted transmission starts during SSL handshake in HTTPS connection
- During the HTTPS connection, who raises the request to close the connections
- TCP handshake: at which point exactly the connection is considered established and data can be sent?
- Confusion about HTTPS --> How is SSL handshake happing
- TLS Handshake Steps
- SSL Handshake and Server Response
- what layer does SSL handshake happen?
- Clarification on SSL Handshake
- Will SSL protocol ask for handshake after initial handshake?
- SSL Authentication