Details
-
Bug
-
Resolution: Done
-
Major
-
None
-
None
Description
SSL context client-side configuration is problematic in that the SSL context is not (and cannot be) cached. This means that we lose SSL session reuse and other benefits which may cause problems for users.
However we also cannot just cache an SSL context on a configuration either - the client credentials may vary on each request, causing leakage between identities.
What we need to do is have a separate SSL context client configuration mechanism, and use the generic client context configuration to reference this SSL context client configuration.