tags:

views:

35

answers:

1
+2  Q: 

How do you enable SSL sessions for your HTTPS service?

Following on from the best answer here: http://stackoverflow.com/questions/548029/how-much-overhead-does-ssl-impose

Is there a way to optimise SSL beyond a simple apache SSL install?

From the best answer given on that page I infer that there is some way to set-up persistent SSL sessions over multiple calls (where there is less handshake overhead). Is that correct?

If so, what's the best resource to learn about configuring the server to work that way?

+1  A: 

SSL session caching is one optimization, which you can configure for Apache by looking at the discussion here. Look at the SSLSessionCache directive and related.

This will boost your performance for usage patterns that have the same client hitting the server multiple times within the session timeout period. However, when the pattern tends more toward one server hit per client for numerous clients, you won't see any speedups.

GregS  2010-02-19 01:29:34
Just a quick follow up on this. I found out that Rackspace don't offer this on cloudsites (but they do on cloudservers)
Justin Vincent  2010-02-19 03:16:53

related questions

Why is access denied when installing SSL cert on IIS 5?
What does a PHP developer need to know about https / secure socket layer connections?
Am I turning away customers by disabling SSL 2.0 and PCT 1.0 in IIS5?
Coding Dojo with IE and SSL
Enforce SSL in code in an ashx handler
How to connect to PostgreSQL from .NET using TLS with both client and server authentication?
HELP SSL GURUs!!! ... Problems with SSL Connection
What's a clean/simple way to ensure the security of a page?
How to specify accepted certificates for Client Authentication in .NET SslStream
SharePoint stream file for preview
Problem with Oracle Application Server SSL Certificates
Is there a limit with the number of SSL connections?
Testing HTTPS files with MAMP
Cheapest SSL certificates
Limiting traffic to SSL version of page only
How do I support SSL Client Certificate authentication?
Why can't I connect to my CAS server with Perl's AuthCAS?
Is there a way to make Firefox ignore invalid ssl-certificates?
How do I create a self signed SSL certificate to use while testing a web app.
Can a proxy server cache SSL GETs? If not, would response body encryption suffice?
HTTPS in IIS 5.1
How do you redirect HTTPS to HTTP?
Debugging: IE6 + SSL + AJAX + post form = 404 error
How do I add SSL to a .net application that uses httplistener - it will *not* be running on IIS
Options for Google Maps over SSL