The sk sk163594 - What's new in HTTPS Inspection starting from R80.20 says:
At the start of the TLS handshaking process, the client sending the TLS Client Hello indicates the hostname it is attempting to connect to by providing the server hostname as the content of the SNI field. The Security Gateway matches this hostname against the Subject Alternative Names found in the certificate presented as content of the certificate presented by the responding host in the TLS Server Hello.
"The Security Gateway keeps a cache about the result of this verification process in order to save CPU cycles, traffic, and connection initialization latency if subsequent TLS connections are requested to the same destination site."
Anyone that know how long these records stays in the cache, and if it configurable?