Reputation: 745
How to disable Java's SSL session resumption
I need to test our nginx new SSL connection handshake performance, so we need to disable the ssl resumption function either in the client side or in the server side.
It's very easy to implement it in nginx side, just off the session cache and session ticket, but each time when I want to test the production's performance, I have to disable the function, which is annoying.
So another way is to disable session resumption in the client side, and our benchmark program is written by Java. We found that the appropriate method is SSLContext's setSessionCacheSize and setSessionTimeout function, but if the value is set to 0, then I found that all the ssl connection is reused, so I have to set it to 1, which result in 90% connections resumption in my testing.
So my question is how to disable ssl session resumption in Java JDK 8 when making SSL connection with the server.
Upvotes: 0
Views: 3436
Answers (1)
Reputation: 310885
- Get the
SSLSessionfrom the socket. - Call
SSLSession.invalidate().
Upvotes: 1
Related Questions
- Shutting down SSL without closing underlying socket?
- Java TLS Session Reuse after closed connection
- Disable SSLHandshakeException for a single connection
- How to disable SSL Session Cache server side java?
- Java JSSE SSLEngine cannot resume SSL session
- Whats an easy way to totally ignore ssl with java url connections?
- How to disable SSL session resumption on client side completely?
- Resume TLS connection in Java
- Disable JAVA SSL3
- Exit from ssl session