TLS sessions from client to router and router to server can be cached and resumed when needed. This shortens the connection handshake, saving time and resources.
MySQL Router uses the following caches:
Client TLS session cache: Caches TLS session from the client to MySQL Router.
Server TLS session cache: Caches TLS sessions from the MySQL Router to the server.
The following configuration options control the session caching:
-
Client TLS session cache:
-
client_ssl_session_cache_mode
: Enables or disables the cache for client-router TLS sessions.NoteEnabled by default. If this parameter is not set, the cache is enabled. To disable the cache, you must explicitly define it.
client_ssl_session_cache_size
: Defines the maximum number of sessions cached.client_ssl_session_cache_timeout
: Defines the maximum amount of time, in seconds, a session remains in the cache. If the timeout is reached, and this session is not reused, the session is removed from the cache and the connection is closed.
-
-
Server TLS Cache:
-
server_ssl_session_cache_mode
: Enables or disables the cache for router-server sessions.NoteEnabled by default. If this parameter is not set, the cache is enabled. To disable the cache, you must explicitly define it.
server_ssl_session_cache_size
: Defines the maximum number of sessions cached.server_ssl_session_cache_timeout
: Defines the maximum amount of time, in seconds, a session remains in the cache. If the timeout is reached, and this session is not reused, the session is removed from the cache and the connection is closed.
-