Disabling SSL session renegotiation

About disabling SSL session renegotiation

The SSL session renegotiation feature enables the SSL client and server to reuse a previously negotiated SSL session for an abbreviated handshake.

Disabling session renegotiation causes more computational overhead to the system but it can avoid potential risks.

Restrictions and guidelines

Disable SSL session renegotiation only when explicitly required.

Procedure

  1. Enter system view.

    system-view

  2. Disable SSL session renegotiation.

    ssl renegotiation disable

    By default, SSL session renegotiation is enabled.