SSL session not being reused in Android WebView-ThrowExceptions

Exception or error:

I have been trying out SSL session reuse on Android webview. We noticed that the ssl session is being re-used if the consecutive requests happen within ~5 seconds. In the server(nginx) we have set the ssl_session_timeout 10m meaning, 10 minutes and keep-alive is for 30 seconds.

Seems like the Android webview control is destroying session-id after 5 seconds.

How can we reuse the ssl session for at least 30 seconds?

How to solve:

If using Httpclient, you may try it on Desktop platform.

1, Write a Java code on PC with Httpclient,
2, Try it with browser.

If it shows the same results, SSL session breaks in 5 secs, that maybe some troubles in Server side.
If not, that maybe something wrong with client side.

Good luck.


I don’t know whether you have already solved the issue, but one pretty vague solution to reuse the session is to fetch the session ID, and send the session ID along with the URL to be opened in the WebView.

For e.g.: http://your.required.url/your.context/your.action;jsessionid=<the_current_session_id>?GET=PARAMETERS

Leave a Reply

Your email address will not be published. Required fields are marked *