Renegotiating the Session Key


SSL key renegotiation is deprecated in release 4.3; it is not supported in release 5.0.

When a server and a Java client establish an SSL connection, the client and the server agree on a symmetric key for encrypting and decrypting data they will exchange. In the default behavior, this key lasts for the lifetime of the session, but you can configure the server or client to renegotiate keys for client sessions (that is, replace them with new keys) based on elapsed time or on the amount of data exchanged.

Key renegotiation features apply only to Java client sessions. It is not available in other client APIs (such as .NET), nor in communications between two servers.
Renegotiating a key can adversely affect overall performance. If you set renegotiation parameters, ensure that renegotiation occurs only when truly required.

See Also

ssl_renegotiate_size

ssl_renegotiate_interval

TibjmsContext.SSL_RENEGOTIATE_INTERVAL

TibjmsContext.SSL_RENEGOTIATE_SIZE


TIBCO Enterprise Message Service™ User’s Guide
Software Release 4.3, February 2006
Copyright © TIBCO Software Inc. All rights reserved
www.tibco.com