I do not believe that is the case - actually from doing this myself, I am 
pretty sure it is not.

Turning off keepalive forces the TCP connection to be shut down by the server 
after each request so that the client will need to re-establish a TCP 
connection to submit the next request. The keepalive timeout usualy is only 30 
seconds anyway, so you really only take advantage of the keepalive when 
downloading a page with lots of embedded objects.

The SSL session however is only re-negotiated something like every two minutes 
provided the client and the server both have an SSL session cache. It is 
maintained across TCP connections to the same site. I do not know that you can 
actually tune the SSL session cache in browsers, but in Apache you definitely 
can.

In conclusion, turning off keepalive does not disable the re-use of SSL 
sessions or force SSL handshake at the next TCP connections.

-ascs

-----Original Message-----
From: Qingshan Xie [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, November 09, 2005 5:59 AM
To: users@httpd.apache.org
Subject: [EMAIL PROTECTED] HTTPS: what is the relation of ssl-handshake and 
keepalive?

All, 

   I am not clear the relation between KeepAlive and SSL-HandShake.  I think if 
KeepAlive is turned off, the SSL-HandShake will be processed in every request. 
However, if KeepAlive is turned on, the following requests after the 1st 
SSL-HandShake during the period of KeepAlive won't need SSL-HandShake.  Can 
some confirm if the above statement is right?

Many Thanks, Q.Xie


                
__________________________________
Yahoo! FareChase: Search multiple travel sites in one click.
http://farechase.yahoo.com

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to