Ssl session id workflow – Brocade Virtual ADX Server Load Balancing Guide (Supporting ADX v03.1.00) User Manual
Page 315
Brocade Virtual ADX Server Load Balancing Guide
299
53-1003247-01
Setting up SSL session ID switching
5
SSL session ID workflow
illustrates how the initial SSLHP messages exchanged between a client and server,
client_hello and server_hello, establish an SSL Session ID.
FIGURE 33
How the SSL Handshake Protocol Establishes a Session ID
If the value in the session_id field that the client sends to the server is non-zero, the Brocade
Virtual ADX can connect the client to the server that originally sent the Session ID value.
illustrates how this function, called SSL Session ID switching, works.
NOTE
SSL Session ID switching is supported for SSL v3.0 and higher only. In SSL versions prior to 3.0, the
session ID was established later in the handshaking process, after the client and server had started
exchanging encrypted data. If the session ID is encrypted, the Brocade Virtual ADX cannot make
forwarding decisions based on this information.
If the client source IP address is changed, session persistence based on SSL Session ID does not
work since Session ID information is not copied across Application Processors. If the source IP is
changed, the session may be processed by different Application Processor. The only exception is
SI-1008-1 model with single Application Processor.