Article ID: 247658 - View products that this article applies to.
This article was previously published under Q247658
We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 7.0 running on Microsoft Windows Server 2008. IIS 7.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:
http://www.microsoft.com/technet/security/prodtech/IIS.mspxFor more information about IIS 7.0, visit the following Microsoft Web site:
When you access the Web server, Secure Sockets Layer (SSL) session IDs and other SSL session information are kept in the Schannel cache. You must know the length of time that the SSL session information is cached so that you can set the appropriate length when you develop load-balancing applications that identify separate users based on their SSL session number. You can modify the length of time that the SSL session information is cached for Internet Information Server (IIS) 4.0 and Internet Information Services (IIS) 5.0 with the registry entries that are described in the Modify the SChannel Cache section of this article.
To modify the length of time that the SSL session information is cached, follow these steps:
The following are the registry key locations and values:
The default ServerCacheTime and ClientCacheTime values are different by the version of Schannel.dll.
The CacheTime values are as follows:
Collapse this tableExpand this table
The registry key locations apply to all versions of the Schannel cache. Keep the server-side interval short for better management of the overall size of the Schannel cache.
For more information, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/265369/ )Internet Explorer renegotiates Secure Sockets Layer connection every two minutes
Article ID: 247658 - Last Review: July 7, 2008 - Revision: 4.1