TLS session resumption

TLS session resumption greatly improves performance when using TLS by recalling information from a previous successful TLS session negotiation to bypass the most computationally intensive parts of the TLS session key negotiation. HTTP is the protocol that benefits the most from TLS session resumption, but other Internet protocols may benefit as well.

By default, the server caches information from the 50 most recently negotiated sessions. This number can be modified by setting the variable SSL_RESUMABLE_SESSIONS in the NOTES.INI file. Increasing that number may improve performance on servers that tend to carry large numbers of concurrent TLS sessions.

TLS session resumption can be disabled by setting SSL_RESUMABLE_SESSIONS=1 on the server.

SSL_RESUMABLE_SESSIONS has no effect on the Notes® client. The client will cache the most recent TLS session.

Note: You cannot configure TLS sessions to time out and expire.