nsopenssl would give you the ability to talk between your servers directly.
SSL session caching allows a client and server to set up the initial connection, and then share a long random id. The server uses the id as a key and caches the SSL conn info, such as the keys, ciphers and so on used for the connection. When the client connects again and passes this id. If session caching is turned on in nsopenssl, then the client and server don't have to go throught the whole SSL setup procedure again. The session caching capability is managed by the OpenSSL library internally. BTW, if you're using nsopenssl ALWAYS TURN ON SESSION CACHING. MSIE doesn't work properly without it. /s. > > I have an application where two AOLserver instances on two different > nodes > are going to have lots and lots of communication between themselves -- > I > would prefer to keep the connections transient, but want to know what > the > alternatives are. It's interesting to know that nsopenssl/nsssl may > already > be doing some of this. > > Can you tell me more about how this connection caching is done in > AOLserver? > > Is it handled entirely within nsopenssl/nsssl? Is it actually keeping > the > TCP/IP connection open, or just caching some of the SSL/crypto data? > If the > latter, how does it determine a new request is actually part of an old > SSL > session? > > Thanks, > > > Jerry > -- Scott Goodwin [EMAIL PROTECTED] http://scottg.net
