trafficserver-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bri...@apache.org
Subject [2/3] git commit: TS-3080: Documentation for SSL Session Caching
Date Wed, 08 Oct 2014 18:34:03 GMT
TS-3080: Documentation for SSL Session Caching


Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/72b7c05c
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/72b7c05c
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/72b7c05c

Branch: refs/heads/master
Commit: 72b7c05ceddc04e4556db77f696ff3c8e917002c
Parents: 195259b
Author: Brian Geffon <briang@apache.org>
Authored: Tue Oct 7 18:49:01 2014 -0700
Committer: Brian Geffon <briang@apache.org>
Committed: Tue Oct 7 18:52:34 2014 -0700

----------------------------------------------------------------------
 .../configuration/records.config.en.rst         | 40 +++++++++++++++++++-
 1 file changed, 38 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/trafficserver/blob/72b7c05c/doc/reference/configuration/records.config.en.rst
----------------------------------------------------------------------
diff --git a/doc/reference/configuration/records.config.en.rst b/doc/reference/configuration/records.config.en.rst
index f0d8f26..305ed09 100644
--- a/doc/reference/configuration/records.config.en.rst
+++ b/doc/reference/configuration/records.config.en.rst
@@ -2164,12 +2164,48 @@ SSL Termination
   buffering at the SSL layer. The default of ``0`` means to always
   write all available data into a single SSL record.
 
+.. ts:cv:: CONFIG proxy.config.ssl.session_cache INT 2
+
+	Enables the SSL Session Cache:
+	
+	- ``0`` = Disables the session cache entirely
+	
+	- ``1`` = Enables the session cache using OpenSSLs implementation.
+	
+	- ``2`` = (default) Enables the session cache using Traffic Server's implementation.
+			This implentation should perform much better than the OpenSSL
+			implementation.
+			
+
 .. ts:cv:: CONFIG proxy.config.ssl.session_cache.timeout INT 0
 
   This configuration specifies the lifetime of SSL session cache
   entries in seconds. If it is ``0``, then the SSL library will use
-  a default value, typically 300 seconds.
-
+  a default value, typically 300 seconds. Note: This option has no affect
+  when using the Traffic Server session cache (option ``2`` in 
+  ``proxy.config.ssl.session_cache``)
+  
+.. ts:cv:: CONFIG proxy.config.ssl.session_cache.size INT 102400
+
+  This configuration specifies the maximum number of entries
+  the SSL session cache may contain.
+  
+.. ts:cv:: CONFIG proxy.config.ssl.session_cache.num_buckets INT 1024
+
+  This configuration specifies the number of buckets to use with the
+  Traffic Server SSL session cache implementation. The TS implementation
+  is a fixed size hash map where each bucket is protected by a mutex.
+
+.. ts:cv:: CONFIG proxy.config.ssl.session_cache.skip_cache_on_bucket_contention INT 0
+
+	This configuration specifies the behavior of the Traffic Server SSL session
+	cache implementation during lock contention on each bucket:
+	
+	- ``0`` = (default) Don't skip session caching when bucket lock is contented.
+	
+	- ``1`` = Don't use the SSL session cache for this connection during lock contention.
+
+	
 .. ts:cv:: CONFIG proxy.config.ssl.hsts_max_age INT -1
 
   This configuration specifies the max-age value that will be used


Mime
View raw message