Follow

Q&A: What does the "Unclean Shutdown" and "Strict Resume" functionality do in the advanced SSL settings?

Question

  • In regards to the "Session End" configuration in the advanced SSL settings, what do the "Unclean Shutdown" and "Strict Resume" functions do?

Environment

  • Silverline WAF
  • Silverline DDoS
  • SSL Advanced Settings

Answer

Unclean Shutdown

  • In an unclean shutdown, underlying TCP connections are closed without exchanging the required SSL shutdown alerts. However, you can disable unclean shutdowns and thus force the SSL profile to perform a clean shutdown of all SSL connections by configuring this setting.
  • This feature is especially useful with respect to the Internet Explorer browser. Different versions of the browser, and even different builds within the same version of the browser, handle shutdown alerts differently. Some versions or builds require shutdown alerts from the server, while others do not, and the SSL profile cannot always detect this requirement or lack of it. In the case where the browser expects a shutdown alert but the SSL profile has not exchanged one (the default setting), the browser displays an error message.

  • By default, this setting is enabled, which means that Silverline performs unclean shutdowns of all SSL connections.

Strict Resume

  • Within your Advanced SSL Settings, you can configure your SSL profile to discontinue an SSL session after an unclean shutdown. By default, this setting is disabled, which causes Silverline to resume SSL sessions after an unclean shutdown. If you enable this setting, Silverline does not resume SSL sessions after an unclean shutdown.

Screen_Shot_2020-10-28_at_2.13.26_PM.png

 

Related Content

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request