Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8239074

Update the default SSL session cache size to 20480

XMLWordPrintable

    • Icon: CSR CSR
    • Resolution: Approved
    • Icon: P3 P3
    • 8-pool
    • security-libs
    • None
    • behavioral
    • minimal
    • Hide
      The default SSL session cache size is an implementation detail and not part of the API specification. Users with thousands of connections will see the behavioral difference noted in the Description, but such users are expected to be sophisticated enough to adapt their code if necessary. The vast majority of users will see only improved performance.
      Show
      The default SSL session cache size is an implementation detail and not part of the API specification. Users with thousands of connections will see the behavioral difference noted in the Description, but such users are expected to be sophisticated enough to adapt their code if necessary. The vast majority of users will see only improved performance.
    • Java API

      Summary

      Update the default value for the maximum number of entries in the SSL session cache (SSLSessionContext.getSessionCacheSize()).

      Problem

      The default value for the maximum number of entries in the SSL session cache (SSLSessionContext.getSessionCacheSize()) is infinite, and the entry timeout is 24 hours. With larger heaps, applications are running into situations where the cache ends up with several million entries at the 24 hour mark, at which time many of them are invalidated at almost the same time, which can result in multi-minute pauses, which are effectively service failures.

      However, no matter what the default value is, it will not fit perfectly in all situations.

      Solution

      Update to use a default maximum session cache size other than infinite in JDK.

      Specification

      Update the SunJSSE provider to use 20480 as the default session cache size for SSLSessionContext.

            pkoppula Prasadarao Koppula (Inactive)
            phh Paul Hohensee
            Sean Coffey
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: