TLS handshakes on port 443 must complete within a configurable period, otherwise they will be forcibly terminated. By default, this period is 10 seconds. If smart card authentication is enabled, TLS handshakes on port 443 can complete within 100 seconds.

If required, you can adjust the time for TLS handshakes on port 443 by adding the following property to the locked.properties file:

handshakeLifetime = lifetime_in_seconds

For example:

handshakeLifetime = 20

Optionally, the client that is responsible for an over-running TLS handshake can be automatically added to a denylist. See Client Denylisting for more information.