MINOR: ssl: Add tune.ssl.lifetime statement in global. Sets the ssl session <lifetime> in seconds. Openssl default is 300 seconds.

commit: 4f65bff1a533e16a41c6331d1ccf234d6db53bc0 [log] [tgz]
author: Emeric Brun <ebrun@exceliance.fr> Fri Nov 16 15:11:00 2012 +0100
committer: Willy Tarreau <w@1wt.eu> Fri Nov 16 16:47:20 2012 +0100
tree: f05a04272a50a9875e9865c611cb7306a40e0b5f
parent: 6ec58dbacc508dda74e617986faa007a8d3915c3 [diff] [blame]
diff --git a/doc/configuration.txt b/doc/configuration.txt
index 9efd602..289e99a 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt

@@ -860,6 +860,14 @@
   allocated upon startup and are shared between all processes if "nbproc" is
   greater than 1.
 
+tune.ssl.lifetime <timeout>
+  Sets how long a cached SSL session may remain valid. This time is expressed
+  in seconds and defaults to 300 (5 mn). It is important to understand that it
+  does not guarantee that sessions will last that long, because if the cache is
+  full, the longest idle sessions will be purged despite their configured
+  lifetime. The real usefulness of this setting is to prevent sessions from
+  being used for too long.
+
 tune.zlib.memlevel <number>
   Sets the memLevel parameter in zlib initialization for each session. It
   defines how much memory should be allocated for the intenal compression
commit	4f65bff1a533e16a41c6331d1ccf234d6db53bc0	[log] [tgz]
author	Emeric Brun <ebrun@exceliance.fr>	Fri Nov 16 15:11:00 2012 +0100
committer	Willy Tarreau <w@1wt.eu>	Fri Nov 16 16:47:20 2012 +0100
tree	f05a04272a50a9875e9865c611cb7306a40e0b5f
parent	6ec58dbacc508dda74e617986faa007a8d3915c3 [diff] [blame]