The SSL Session Cache Is Purged a Few Minutes After You Start Your Computer

Support for Windows XP has ended

Microsoft ended support for Windows XP on April 8, 2014. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

This article has been archived. It is offered "as is" and will no longer be updated.
A few minutes after you start your computer and log on, a full Secure Sockets Layer (SSL) handshake may be performed again when you refresh a secured page (a page that uses the HTTPS protocol) in Microsoft Internet Explorer 6 on Windows XP. You can see this behavior by viewing a network trace.
This problem occurs because the SSL session cache is unexpectedly purged. The SSL session cache is maintained by Schannel.dll, which is hosted by the Lsass process.
To resolve this problem, obtain the latest service pack for Windows XP. For additional information, click the following article number to view the article in theMicrosoft Knowledge Base:
322389 How to Obtain the Latest Windows XP Service Pack

Hotfix information

A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix.

If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, contact Microsoft Customer Service and Support to obtain the hotfix.

Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft Web site: Note The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language.

File information

The English version of this fix should have the following file attributes or later:
   Date         Time   Version      Size     File name   ------------------------------------------------------   04-Apr-2002  12:10  5.1.2600.41  136,704  Schannel.dll				

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. This problem was first corrected in Windows XP Service Pack 1.
More information
When you use SSL3 or Transport Layer Security (TLS), a full handshake should occur only when:
  • You make the initial SSL connection to the Web server.
  • The SSL session times out. You can control this by using the ClientCacheTime registry value.For additional information about this registry value, click the article number below to view the article in the Microsoft Knowledge Base:
    247658 How to Configure Secure Sockets Layer Server and Client Cache Elements
The problem occurs only one time after you start the computer. Note that only SSL3 and TLS support a session ID that permits the SSL session to resume without performing a full handshake. The session ID is part of the CLIENT-HELLO message.
Note This is a "FAST PUBLISH" article created directly from within the Microsoft support organization. The information contained herein is provided as-is in response to emerging issues. As a result of the speed in making it available, the materials may include typographical errors and may be revised at any time without notice. See Terms of Use for other considerations.

Article ID: 319613 - Last Review: 01/12/2015 19:57:01 - Revision: 1.0

Microsoft Windows XP Professional, Microsoft Windows XP Home Edition

  • kbnosurvey kbarchive kbautohotfix kbhotfixserver kbqfe kbbug kbfix kbsecurity kbwinxpsp1fix KB319613