
How to clear the client-side .Net SSL session cache

I am writing a little test tool, which uses HttpWebRequest to load test a server. Each time I call HttpWebRequest.GetResponse(), I want it to establish a fresh SSL session instead of using the one in the cache. Note: I am supplying a client certificate, and using Mutual Authentication for the SSL Session.

Is there a way to clear the SSL Session cache referred to in http://msdn.microsoft.com/en-us/library/system.net.httpwebrequest.clientcertificates.aspx ?

DVisser asked Mar 09 '11 19:03



2 Answers

The ServicePoint class has an internal method called ReleaseAllConnectionGroups that sets KeepAlive = false on all the connections then releases them. This answer includes all the reflection needed, but setting KeepAlive = false on every HttpWebRequest will keep the client-side .Net SSL session cache clear.

SslEmptyCache may be required to clear caching of SSL-SessionID and/or tickets done by SCHANNEL at the native-code level.

user423430 answered Oct 20 '22 01:10
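A sketch of the approach in the answer above, added here as an example and not part of the original answer: each request disables keep-alive, uses its own connection group, and flushes the Schannel session cache first. The URL, certificate file and password are assumed placeholders; the P/Invoke targets the `SslEmptyCacheW` export declared in `schannel.h`.

```csharp
using System;
using System.Net;
using System.Runtime.InteropServices;
using System.Security.Cryptography.X509Certificates;

static class FreshTlsLoadTest
{
    // Schannel export: a null target name flushes the whole cache; flags are reserved (0).
    [DllImport("schannel.dll", EntryPoint = "SslEmptyCacheW", CharSet = CharSet.Unicode)]
    static extern bool SslEmptyCache(string pszTargetName, uint dwFlags);

    static void Main()
    {
        // Assumed placeholders: point these at the server and client certificate under test.
        string url = "https://server.example/ping";
        var clientCert = new X509Certificate2("client.pfx", "pfx-password");

        for (int i = 0; i < 10; i++)
        {
            // Drop cached session IDs/tickets held at the native level before the handshake.
            if (!SslEmptyCache(null, 0))
                Console.Error.WriteLine("SslEmptyCache returned false");

            var req = (HttpWebRequest)WebRequest.Create(url);
            req.ClientCertificates.Add(clientCert);
            req.KeepAlive = false;                       // close the connection after the response
            string group = Guid.NewGuid().ToString();
            req.ConnectionGroupName = group;             // never reuse a pooled connection

            using (var resp = (HttpWebResponse)req.GetResponse())
                Console.WriteLine("{0}: HTTP {1}", i, (int)resp.StatusCode);

            // Release the one-off connection group so groups do not accumulate.
            req.ServicePoint.CloseConnectionGroup(group);
        }
    }
}
```

To confirm that each iteration performs a full handshake, check the server's TLS logs or a packet capture for a complete certificate exchange on every connection.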


I think you're looking for the HttpRequestCacheLevel Enumeration value NoCacheNoStore

http://msdn.microsoft.com/en-us/library/system.net.cache.httprequestcachelevel.aspx

You can then overwrite the HttpRequestCachePolicy

http://msdn.microsoft.com/en-us/library/system.net.webrequest.cachepolicy.aspx

iivel answered Oct 20 '22 01:10