I have been trying out SSL session reuse on Android webview. We noticed that the ssl session is being re-used if the consecutive requests happen within ~5 seconds. In the server(nginx) we have set the
ssl_session_timeout 10m meaning, 10 minutes and keep-alive is for 30 seconds.
Seems like the Android webview control is destroying session-id after 5 seconds.
How can we reuse the ssl session for at least 30 seconds?
If using Httpclient, you may try it on Desktop platform.
1, Write a Java code on PC with Httpclient,
2, Try it with browser.
If it shows the same results, SSL session breaks in 5 secs, that maybe some troubles in Server side.
If not, that maybe something wrong with client side.
I don’t know whether you have already solved the issue, but one pretty vague solution to reuse the session is to fetch the session ID, and send the session ID along with the URL to be opened in the WebView.