The Global Session Cache
SSL uses a session key to secure
each connection. When the
connection starts, certificates are checked, and a new session key is
agreed between the client and server (note that because of the joys
of public-key encryption, this new key is only known to the client
and server). This is a time-consuming process, so Apache-SSL and the
client can conspire to improve the situation by reusing session keys.
Unfortunately, since Apache uses a multiprocess execution model,
there’s no guarantee that the next connection from
the client will use the same instance of the server. In fact, it is
rather unlikely. Thus, it is necessary to store session information
in a cache that is accessible to all the instances of Apache-SSL.
This is the function of the
gcache
program. It is controlled by the
SSLCacheServerPath
,
SSLCacheServerPort
,
SSLSessionCacheTimeout
directives for Apache v1.3,
and SSLSessionCache
for Apache v2, described later
in this chapter.
Get Apache: The Definitive Guide, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.