Domino on Linux/Unix, Troubleshooting, Best Practices, Tips and more ...


Daniel Nashed

Tuning Domino Servers for TLS sessions

Daniel Nashed – 23 May 2023 07:27:19

My previous post was mainly about HTTP traffic, and I mentioned that TLS/SSL traffic does not follow the maximum number of connections settings, because TLS/SSL connections have a session of their own.
Establishing a new TLS session has significant overhead, so you have to make sure in every application that those sessions are cached and resumed.

I revisited a blog post from 2012 where I explained a fix which went into 8.5.3 and was enabled by default in 8.5.4 (which turned into the 9.0 release when shipped, as far as I recall).
There was an issue with the session cache, and a new cache was implemented in 8.5.3. Today the new cache is the default and SSL_USE_ADDSESSION2=1 does not exist any more.


SSL_RESUMABLE_SESSIONS=n

Number of SSL/TLS sessions that are cached and can be resumed. The default is still 50.
You might want to increase it to 400 or higher for a large server, depending on your needs.


SSL_SESSION_SIZE=n

Default size of the buffer allocated for each cache entry. If the size is too small, the memory is re-allocated when the session is created.
The size of the SSL certificate affects the size required.

The default is quite small and would not fit current needs in many cases.
At the time the original blog post was written, the size requirements were different.

I have had this set to 8000 bytes since that time, so it is hard for me to tell how often the default size does not fit.

If your value is too low, you might see messages like this on your console periodically:

"New SSL session data length of X bytes is larger than the current size of Y bytes."
"You may want to set the Notes.ini variable SSL_SESSION_SIZE to at least Z bytes."

My starting point for tuning

I would probably set it to 8000 today, which would be around 3 MB of memory for 400 session entries.


Using ECDSA NIST P-256 keys instead of RSA keys

Another important point about SSL/TLS performance is to switch from RSA to ECDSA keys for your web server certificate.
This reduces the computing effort on both ends and also brings in two modern ciphers that are selected automatically for ECDSA keys.
Domino fully supports ECDSA ciphers up to NIST P-512 since version 12.0.0, but you can see from the list in the documentation that you are absolutely fine today with ECDSA NIST P-256.

The two ciphers selected are:
  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xC02B)
  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xC02C)



Enable Cipher and session logging

To see SSL session resumption and the TLS version and cipher selected, there is a log setting which I have enabled on my servers.
I also wrote a small log analysis database to evaluate the ciphers. But now with ECDSA keys, I am less interested in checking the cipher selected.

set config SSL_LOG_SUCCESS=1
TLS1.2 resumed 79.194.8.70 (52459) -> 172.18.0.3 (443) - ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xC02C)


---

Reference for ECDSA:
https://help.hcltechsw.com/domino/12.0.2/admin/wn_ECDSA_cryptography.html


Reference for old SPR for the session cache:
SPR# SFPN69ET56 (8.5.3) - Added the new Notes.ini variable (SSL_SESSION_SIZE) that can be used to set the default starting size of elements in the SSL session resumption cache.
Increasing the size of this variable will result in a lower incidence of elements being reallocated on the fly in order to hold large X.509 client certificates, but will also consume more memory.
Beginning in 8.5.2 Fix Pack 3 and 8.5.3, there is a new notes.ini variable SSL_USE_ADDSESSION2. If set, SSL_USE_ADDSESSION2=1 implements a new version of the SSL_ADDSESSION routine that resolves some stability issues.

