515
Examples
# Enable the SSL client to use digital certificates to authenticate the SSL server.
<Sysname> system-view
[Sysname] ssl client-policy policy1
[Sysname-ssl-client-policy-policy1] server-verify enable
Related commands
display ssl client-policy
session
Use
session
to set the maximum number of sessions that the SSL server can cache and the timeout
time for cached sessions.
Use
undo session
to restore the default.
Syntax
session
{
cachesize size
|
timeout
time
} *
undo session
{
cachesize
|
timeout
} *
Default
The SSL server can cache a maximum of 500 sessions, and the timeout time for cached sessions is
3600 seconds.
Views
SSL server policy view
Predefined user roles
network-admin
mdc-admin
Parameters
cachesize size
: Sets the maximum number of cached sessions, in the range of 100 to 20480.
timeout
time
: Sets the session cache timeout in the range of 1 to 4294967295 seconds.
Usage guidelines
The SSL server caches SSL sessions to reuse negotiated session parameters to simplify SSL
handshake. Use this command to limit the maximum number and timeout time for cached sessions.
When the number of cached sessions reaches the maximum, SSL does not cache new sessions.
When the timeout timer for a cached session expires, SSL deletes the session.
Examples
# Set the maximum number of cached sessions to 600, and the timeout time for cached sessions to
1800 seconds.
<Sysname> system-view
[Sysname] ssl server-policy policy1
[Sysname-ssl-server-policy-policy1] session cachesize 600 timeout 1800
Related commands
display ssl server-policy