ssl_session_cache

The ssl_session_cache directive in NGINX specifies the caching mechanism for SSL session parameters, which improves performance by reducing the overhead of establishing SSL connections. By caching SSL sessions, clients can resume connections without needing to complete the full SSL handshake, thereby speeding up the process, especially for repeat visitors. This directive can be configured for the http and server contexts, allowing for flexibility depending on how SSL is applied across different servers or locations.

The syntax for ssl_session_cache allows one or two parameters: the cache type and optionally the size of the cache. The cache type can either be shared or none, where the shared type indicates that the cache can be utilized across multiple worker processes. If specified, the size controls the maximum number of session parameters stored in the cache, significantly influencing memory usage and capacity. The behavior of this caching mechanism is influenced by the size and management of the SSL session cache, which directly affects the performance of SSL connections for end users.

When a client reconnects and provides its session ID, NGINX can quickly retrieve the cached session parameters, provided that they haven't expired, thus allowing the server to skip the heavy computation involved in establishing a new session. This is especially beneficial in high-traffic scenarios where reducing latency for SSL connections is critical.