You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by su...@apache.org on 2015/02/12 23:06:19 UTC

trafficserver git commit: TS-3080: Documentation for SSL Session Caching

Repository: trafficserver
Updated Branches:
  refs/heads/master 58a0eff5d -> 7492c3a00


TS-3080: Documentation for SSL Session Caching


Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/7492c3a0
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/7492c3a0
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/7492c3a0

Branch: refs/heads/master
Commit: 7492c3a00056ec0333f9faff746fbf3270f3c6b4
Parents: 58a0eff
Author: Brian Geffon <br...@apache.org>
Authored: Tue Oct 7 18:49:01 2014 -0700
Committer: Sudheer Vinukonda <su...@yahoo-inc.com>
Committed: Thu Feb 12 22:05:37 2015 +0000

----------------------------------------------------------------------
 .../configuration/records.config.en.rst         | 40 +++++++++++++++++++-
 1 file changed, 38 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/trafficserver/blob/7492c3a0/doc/reference/configuration/records.config.en.rst
----------------------------------------------------------------------
diff --git a/doc/reference/configuration/records.config.en.rst b/doc/reference/configuration/records.config.en.rst
index e65a03c..5df77d5 100644
--- a/doc/reference/configuration/records.config.en.rst
+++ b/doc/reference/configuration/records.config.en.rst
@@ -2206,12 +2206,48 @@ SSL Termination
   throughput, and then reset record size back to a single segment
   after 1 second of inactivity—lather, rinse, repeat.
 
+.. ts:cv:: CONFIG proxy.config.ssl.session_cache INT 2
+
+	Enables the SSL Session Cache:
+	
+	- ``0`` = Disables the session cache entirely
+	
+	- ``1`` = Enables the session cache using OpenSSLs implementation.
+	
+	- ``2`` = (default) Enables the session cache using Traffic Server's implementation.
+			This implentation should perform much better than the OpenSSL
+			implementation.
+			
+
 .. ts:cv:: CONFIG proxy.config.ssl.session_cache.timeout INT 0
 
   This configuration specifies the lifetime of SSL session cache
   entries in seconds. If it is ``0``, then the SSL library will use
-  a default value, typically 300 seconds.
-
+  a default value, typically 300 seconds. Note: This option has no affect
+  when using the Traffic Server session cache (option ``2`` in 
+  ``proxy.config.ssl.session_cache``)
+  
+.. ts:cv:: CONFIG proxy.config.ssl.session_cache.size INT 102400
+
+  This configuration specifies the maximum number of entries
+  the SSL session cache may contain.
+  
+.. ts:cv:: CONFIG proxy.config.ssl.session_cache.num_buckets INT 1024
+
+  This configuration specifies the number of buckets to use with the
+  Traffic Server SSL session cache implementation. The TS implementation
+  is a fixed size hash map where each bucket is protected by a mutex.
+
+.. ts:cv:: CONFIG proxy.config.ssl.session_cache.skip_cache_on_bucket_contention INT 0
+
+	This configuration specifies the behavior of the Traffic Server SSL session
+	cache implementation during lock contention on each bucket:
+	
+	- ``0`` = (default) Don't skip session caching when bucket lock is contented.
+	
+	- ``1`` = Don't use the SSL session cache for this connection during lock contention.
+
+	
 .. ts:cv:: CONFIG proxy.config.ssl.hsts_max_age INT -1
 
   This configuration specifies the max-age value that will be used