Configure Dataserver SSL Parameters¶

These properties allow you to fine-tune SSL behavior for the HTTP server. Adjusting these settings helps optimize SSL handshake performance, control memory usage, and improve connection reuse under high load. They are typically used when the service handles large volumes of HTTPS traffic or requires strict control over SSL session management.

Property	Description	Default Value
DATASERVER_HTTPS_KEYSTORE_CACHE_SIZE	Defines the maximum number of keystore entries that can be cached. Increasing this value reduces the overhead of repeatedly loading certificate and key material, improving SSL handshake performance, especially under high concurrency.	1024
DATASERVER_HTTPS_SSL_SESSION_CACHE_SIZE	Specifies the maximum number of SSL sessions that can be cached by the server. A larger cache size allows more clients to resume existing SSL sessions, reducing handshake latency and improving throughput.	20480
DATASERVER_HTTPS_SSL_SESSION_TIMEOUT	Sets the timeout duration (in seconds) for cached SSL sessions. Sessions older than this value are removed from the cache. Adjusting this helps balance security and performance. Shorter timeouts increase security, while longer timeouts improve session reuse.	600

Self Managed and Data Plane

SSH to the instance where Privacera Manager is installed.

Run the following command to open the vars.dataserver.aws.yml file.

Bash
1	`vi ~/privacera/privacera-manager/config/custom-vars/vars.dataserver.aws.yml`

Add the following properties to the vars.dataserver.aws.yml file:

YAML
DATASERVER_HTTPS_KEYSTORE_CACHE_SIZE: 1024
DATASERVER_HTTPS_SSL_SESSION_CACHE_SIZE: 20480
DATASERVER_HTTPS_SSL_SESSION_TIMEOUT: 600

Adjust the values based on the traffic requirements.

Once the properties are configured, refer to the Privacera Manager Quickstart.

Prev topic: Advanced Configuration