Re-establishing Secure Connections After Failovers
When high-availability (HA) redundant event brokers are used and an event broker failover occurs, the time required to reconnect clients increases significantly if a large public key size and/or a cipher suite that uses ECDHE for key establishment (for example, ECDHE-RSA-AES256-SHA) is in use.
Therefore, if a large public key size and/or a cipher suite using ECDHE for key establishment is used, it might not be possible to reconnect a large number of clients to the redundant event broker within the default amount of reconnect time specified by the Solace messaging APIs (30 seconds).
If you have a large number of client connections that must be automatically reestablished after an event broker failover, the following steps should be considered:
- use a cipher suite that uses a simpler algorithm, such as RSA, for key establishment
- increase the client reconnect values. For example, see Configuring Connection Time-Outs and Retries for Solace messaging APIs and Configuring Connection Time-Outs and Retries for the Solace JMS API.
- limit the number of permitted client connections to the event broker. The maximum number of client connections is set per Message VPN. See Configuring Maximum Connections.
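The sizing sketch below is an added example, not Solace code. It relates the three steps above to the 30-second default reconnect time and the 180-second temporary endpoint limit stated on this page. The function names, the constant-rate handshake model, and the handshake rates are assumptions constructed for illustration; substitute rates measured on your own broker.

```python
import math

# Values stated on this page.
DEFAULT_RECONNECT_WINDOW_S = 30   # default API reconnect time
TEMP_ENDPOINT_FAILOVER_S = 180    # temporary endpoint retention after HA failover/reboot


def plan_reconnect(clients, handshakes_per_s, retry_wait_s,
                   window_s=DEFAULT_RECONNECT_WINDOW_S):
    """Size a post-failover reconnect storm (hypothetical helper).

    clients          -- TLS clients that must reconnect
    handshakes_per_s -- handshake throughput measured on the broker for the
                        chosen cipher suite and key size (assumption)
    retry_wait_s     -- wait between client reconnect attempts (assumption)
    Model assumption: the broker completes handshakes at a constant rate.
    """
    if handshakes_per_s <= 0 or retry_wait_s <= 0:
        raise ValueError("rates and waits must be positive")
    drain_s = clients / handshakes_per_s  # time until the last client is back
    return {
        "drain_s": drain_s,
        "fits_window": drain_s <= window_s,
        # Reconnect values: retries needed so the last client is still trying
        "min_retries": math.ceil(drain_s / retry_wait_s),
        # Connection limit: largest client count that fits the window
        "max_clients_in_window": math.floor(window_s * handshakes_per_s),
        # Temporary endpoints are removed if the client is not back in time
        "temp_endpoints_kept": drain_s <= TEMP_ENDPOINT_FAILOVER_S,
    }


# Constructed handshake rates, for illustration only.
PROFILES = {"ECDHE-RSA-AES256-SHA": 400.0, "RSA key establishment": 1600.0}


def compare(clients, retry_wait_s=3.0):
    """Run the same client count through each constructed profile."""
    return {name: plan_reconnect(clients, rate, retry_wait_s)
            for name, rate in PROFILES.items()}


if __name__ == "__main__":
    for name, plan in compare(20000).items():
        print(name, plan)
```

RSA key establishment gives up the forward secrecy that ECDHE provides, so weigh the cipher suite change against raising the reconnect values or capping connections.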
Temporary endpoints are maintained for a maximum of 60 seconds if the client that created those endpoints disconnects for a reason other than an event broker failover or reboot. If those clients do not reconnect within this time, the temporary endpoints are removed. If the client disconnect is caused by an event broker HA failover or reboot, the temporary endpoints are maintained for a maximum of 180 seconds.