I understand from various sources that shaking hands with HTTPS is the hardest part of using HTTPS. I use POST inside between my servers to transfer information and would like to use HTTPS for this. I wondered how long a long HTTPS handshake lasts / "stays open"? Is it repeated for every POST that I send to the server, or for how long?
SSL confirmation is only performed at the beginning of the session and is mainly associated with the generation of a shared session key, which is used to encrypt all subsequent traffic.
You can find a very good description of the handshake here .
I believe that a handshake occurs when connecting (i.e. as part of SSL negotiation). It uses keep-alive HTTP connections, then the handshake only happens once while the connection is active.
I do not know the details, but I am sure that a handshake should appear only when the session starts. That would be too expensive.
Edit: Here is a nice description of the process .