diff --git a/doc/dox_comments/header_files/ssl.h b/doc/dox_comments/header_files/ssl.h
index a0faf7fb0..8d67d9c7d 100644
--- a/doc/dox_comments/header_files/ssl.h
+++ b/doc/dox_comments/header_files/ssl.h
@@ -2384,7 +2384,7 @@ WOLFSSL_API void wolfSSL_flush_sessions(WOLFSSL_CTX*, long);
 }
 \endcode

- \sa GetSessionClient
+ \sa wolfSSL_set_session
 */
 WOLFSSL_API int wolfSSL_SetServerID(WOLFSSL*, const unsigned char*, int, int);

@@ -3794,7 +3794,10 @@ WOLFSSL_API const char* wolfSSL_get_cipher(WOLFSSL*);
 /*!
 \ingroup Setup

- \brief This function returns the WOLFSSL_SESSION from the WOLFSSL structure.
+ \brief This function returns the WOLFSSL_SESSION from the WOLFSSL structure
+ as a reference type. This requires calling wolfSSL_SESSION_free to release
+ the session reference. If the referred to session expires from the cache an
+ error will occur when trying to set the session.

 \return WOLFSSL_SESSION On success return session pointer.
 \return NULL on failure returns NULL.
@@ -3806,12 +3809,18 @@ WOLFSSL_API const char* wolfSSL_get_cipher(WOLFSSL*);
 WOLFSSL* ssl;
 WOLFSSL_SESSION* ses;
 // attempt/complete handshake
+ wolfSSL_connect(ssl);
 ses = wolfSSL_get1_session(ssl);
 // check ses information
+ // disconnect / setup new SSL instance
+ wolfSSL_set_session(ssl, ses);
+ // attempt/resume handshake
+ wolfSSL_SESSION_free(ses);
 \endcode

 \sa wolfSSL_new
 \sa wolfSSL_free
+ \sa wolfSSL_SESSION_free
 */
 WOLFSSL_API WOLFSSL_SESSION* wolfSSL_get1_session(WOLFSSL* ssl);

diff --git a/src/internal.c b/src/internal.c
index 607f26773..7efe10510 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -29276,7 +29276,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
 ssl->options.haveSessionId = 1;
 /* DoClientHello uses same resume code */
 if (ssl->options.resuming) { /* let's try */
- WOLFSSL_SESSION* session = GetSession(ssl,
+ WOLFSSL_SESSION* session = wolfSSL_GetSession(ssl,
 ssl->arrays->masterSecret, 1);
 #ifdef HAVE_SESSION_TICKET
 if (ssl->options.useTicket == 1) {
@@ -29351,7 +29351,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
 } else
 #endif
 {
- session = GetSession(ssl, ssl->arrays->masterSecret, 1);
+ session = wolfSSL_GetSession(ssl, ssl->arrays->masterSecret, 1);
 #ifdef HAVE_EXT_CACHE
 gotSess = 1;
 #endif
diff --git a/src/sniffer.c b/src/sniffer.c
index fe1db4e24..a1d75653b 100644
--- a/src/sniffer.c
+++ b/src/sniffer.c
@@ -3084,7 +3084,8 @@ static int ProcessSessionTicket(const byte* input, int* sslBytes,

 /* Use the wolf Session cache to retain resumption secret */
 if (session->flags.cached == 0) {
- WOLFSSL_SESSION* sess = GetSession(session->sslServer, NULL, 0);
+ WOLFSSL_SESSION* sess = wolfSSL_GetSession(session->sslServer,
+ NULL, 0);
 if (sess == NULL) {
 AddSession(session->sslServer); /* don't re add */
 #ifdef WOLFSSL_SNIFFER_STATS
@@ -3121,8 +3122,8 @@ static int DoResume(SnifferSession* session, char* error)

 #ifdef WOLFSSL_TLS13
 if (IsAtLeastTLSv1_3(session->sslServer->version)) {
- resume = GetSession(session->sslServer,
- session->sslServer->session.masterSecret, 0);
+ resume = wolfSSL_GetSession(session->sslServer,
+ session->sslServer->session.masterSecret, 0);
 if (resume == NULL) {
 /* TLS v1.3 with hello_retry uses session_id even for new session,
 so ignore error here */
@@ -3132,8 +3133,8 @@ static int DoResume(SnifferSession* session, char* error)
 else
 #endif
 {
- resume = GetSession(session->sslServer,
- session->sslServer->arrays->masterSecret, 0);
+ resume = wolfSSL_GetSession(session->sslServer,
+ session->sslServer->arrays->masterSecret, 0);
 if (resume == NULL) {
 #ifdef WOLFSSL_SNIFFER_STATS
 INC_STAT(SnifferStats.sslResumeMisses);
@@ -3967,7 +3968,7 @@ static int ProcessFinished(const byte* input, int size, int* sslBytes,
 if (ret == 0 && session->flags.cached == 0) {
 if (session->sslServer->options.haveSessionId) {
 #ifndef NO_SESSION_CACHE
- WOLFSSL_SESSION* sess = GetSession(session->sslServer, NULL, 0);
+ WOLFSSL_SESSION* sess = wolfSSL_GetSession(session->sslServer, NULL, 0);
 if (sess == NULL) {
 AddSession(session->sslServer); /* don't re add */
 #ifdef WOLFSSL_SNIFFER_STATS
diff --git a/src/ssl.c b/src/ssl.c
index 3caf33f2c..46deaf0f2 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -12231,7 +12231,7 @@ WOLFSSL_SESSION* wolfSSL_get_session(WOLFSSL* ssl)
 {
 WOLFSSL_ENTER("SSL_get_session");
 if (ssl)
- return GetSession(ssl, NULL, 1);
+ return wolfSSL_GetSession(ssl, NULL, 1);

 return NULL;
 }
@@ -12241,7 +12241,7 @@ WOLFSSL_SESSION* wolfSSL_get1_session(WOLFSSL* ssl)
 {
 WOLFSSL_SESSION* sess = NULL;
 if (ssl != NULL) {
- sess = GetSessionRef(ssl);
+ sess = wolfSSL_GetSessionRef(ssl);
 if (sess != NULL) {
 /* wolfSSL_get_session returns either static cache or ref. If ref then
 * increase reference counter */
@@ -12280,7 +12280,7 @@ int wolfSSL_set_session(WOLFSSL* ssl, WOLFSSL_SESSION* session)
 {
 WOLFSSL_ENTER("SSL_set_session");
 if (session)
- return SetSession(ssl, session);
+ return wolfSSL_SetSession(ssl, session);

 return WOLFSSL_FAILURE;
 }
@@ -12301,11 +12301,11 @@ int wolfSSL_SetServerID(WOLFSSL* ssl, const byte* id, int len, int newSession)
 return BAD_FUNC_ARG;

 if (newSession == 0) {
- session = GetSessionClient(ssl, id, len);
+ session = wolfSSL_GetSessionClient(ssl, id, len);
 if (session) {
- if (SetSession(ssl, session) != WOLFSSL_SUCCESS) {
+ if (wolfSSL_SetSession(ssl, session) != WOLFSSL_SUCCESS) {
 #ifdef HAVE_EXT_CACHE
- FreeSession(session);
+ wolfSSL_FreeSession(session);
 #endif
 WOLFSSL_MSG("SetSession failed");
 session = NULL;
@@ -12321,7 +12321,7 @@ int wolfSSL_SetServerID(WOLFSSL* ssl, const byte* id, int len, int newSession)
 }
 #ifdef HAVE_EXT_CACHE
 else {
- FreeSession(session);
+ wolfSSL_FreeSession(session);
 }
 #endif

@@ -15054,7 +15054,7 @@ int wolfSSL_CTX_set_timeout(WOLFSSL_CTX* ctx, unsigned int to)

 #ifndef NO_CLIENT_CACHE
 /* Get Session from Client cache based on id/len, return NULL on failure */
-WOLFSSL_SESSION* GetSessionClient(WOLFSSL* ssl, const byte* id, int len)
+WOLFSSL_SESSION* wolfSSL_GetSessionClient(WOLFSSL* ssl, const byte* id, int len)
 {
 WOLFSSL_SESSION* ret = NULL;
 word32 row;
@@ -15196,7 +15196,7 @@ static int SslSessionCacheOff(const WOLFSSL* ssl, const WOLFSSL_SESSION* session
 ;
 }

-WOLFSSL_SESSION* GetSession(WOLFSSL* ssl, byte* masterSecret,
+WOLFSSL_SESSION* wolfSSL_GetSession(WOLFSSL* ssl, byte* masterSecret,
 byte restoreSessionCerts)
 {
 WOLFSSL_SESSION* ret = NULL;
@@ -15288,7 +15288,7 @@ WOLFSSL_SESSION* GetSession(WOLFSSL* ssl, byte* masterSecret,
 return ret;
 }

-int SetSession(WOLFSSL* ssl, WOLFSSL_SESSION* session)
+int wolfSSL_SetSession(WOLFSSL* ssl, WOLFSSL_SESSION* session)
 {
 int ret = WOLFSSL_SUCCESS, row = -1;
 #ifdef HAVE_SESSION_TICKET
@@ -15758,7 +15758,7 @@ int AddSession(WOLFSSL* ssl)
 cbRet = ssl->ctx->new_sess_cb(ssl, session);
 }
 if (ssl->options.internalCacheOff && cbRet == 0) {
- FreeSession(session);
+ wolfSSL_FreeSession(session);
 }
 #endif

@@ -16016,7 +16016,7 @@ int wolfSSL_get_session_stats(word32* active, word32* total, word32* peak,
 #else /* NO_SESSION_CACHE */

 /* No session cache version */
-WOLFSSL_SESSION* GetSession(WOLFSSL* ssl, byte* masterSecret,
+WOLFSSL_SESSION* wolfSSL_GetSession(WOLFSSL* ssl, byte* masterSecret,
 byte restoreSessionCerts)
 {
 (void)ssl;
@@ -23292,7 +23292,7 @@ int wolfSSL_session_reused(WOLFSSL* ssl)
 return resuming;
 }

-WOLFSSL_SESSION* GetSessionRef(WOLFSSL* ssl)
+WOLFSSL_SESSION* wolfSSL_GetSessionRef(WOLFSSL* ssl)
 {
 WOLFSSL_SESSION* session;
 #ifdef ENABLE_CLIENT_SESSION_REF
@@ -23302,13 +23302,14 @@ WOLFSSL_SESSION* GetSessionRef(WOLFSSL* ssl)
 int refCount = 0;
 #endif

- session = GetSession(ssl, NULL, 1);
+ session = wolfSSL_GetSession(ssl, NULL, 1);
 if (session == NULL) {
 return session;
 }

 #ifdef ENABLE_CLIENT_SESSION_REF
- /* if GetSessionRef has already been called then use existing pointer */
+ /* if wolfSSL_GetSessionRef has already been called then use existing
+ * pointer */
 ref = (WOLFSSL_SESSION*)ssl->session.refPtr;
 if (ref == NULL) {
 ref = (WOLFSSL_SESSION*)XMALLOC(refSize, ssl->heap,
@@ -23338,7 +23339,7 @@ WOLFSSL_SESSION* GetSessionRef(WOLFSSL* ssl)

 #if defined(OPENSSL_EXTRA) || defined(HAVE_EXT_CACHE)
 /* return a new malloc'd session with default settings on success */
-WOLFSSL_SESSION* NewSession(void* heap)
+WOLFSSL_SESSION* wolfSSL_NewSession(void* heap)
 {
 WOLFSSL_SESSION* ret = NULL;

@@ -23365,7 +23366,7 @@ WOLFSSL_SESSION* NewSession(void* heap)

 WOLFSSL_SESSION* wolfSSL_SESSION_new_ex(void* heap)
 {
- WOLFSSL_SESSION* ret = NewSession(heap);
+ WOLFSSL_SESSION* ret = wolfSSL_NewSession(heap);

 #ifdef OPENSSL_EXTRA
 if (ret != NULL) {
@@ -23428,7 +23429,7 @@ WOLFSSL_SESSION* wolfSSL_SESSION_dup(WOLFSSL_SESSION* session)
 }
 #endif

- copy = NewSession(session->heap);
+ copy = wolfSSL_NewSession(session->heap);
 if (copy != NULL) {
 XMEMCPY(copy, session, sizeof(WOLFSSL_SESSION));
 copy->type = WOLFSSL_SESSION_TYPE_HEAP;
@@ -23473,7 +23474,7 @@ WOLFSSL_SESSION* wolfSSL_SESSION_dup(WOLFSSL_SESSION* session)

 #endif /* OPENSSL_EXTRA || HAVE_EXT_CACHE */

-void FreeSession(WOLFSSL_SESSION* session)
+void wolfSSL_FreeSession(WOLFSSL_SESSION* session)
 {
 if (session == NULL)
 return;
@@ -23537,7 +23538,7 @@ void FreeSession(WOLFSSL_SESSION* session)

 void wolfSSL_SESSION_free(WOLFSSL_SESSION* session)
 {
- FreeSession(session);
+ wolfSSL_FreeSession(session);
 }

 #if defined(OPENSSL_EXTRA) || defined(HAVE_EXT_CACHE)
diff --git a/wolfssl/internal.h b/wolfssl/internal.h
index ec3ea5502..529b28a24 100644
--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
@@ -3452,17 +3452,17 @@ struct WOLFSSL_SESSION {
 };


-WOLFSSL_LOCAL WOLFSSL_SESSION* NewSession(void* heap);
-WOLFSSL_LOCAL WOLFSSL_SESSION* GetSession(WOLFSSL*, byte*, byte);
-WOLFSSL_LOCAL WOLFSSL_SESSION* GetSessionRef(WOLFSSL*);
-WOLFSSL_LOCAL int SetSession(WOLFSSL*, WOLFSSL_SESSION*);
-WOLFSSL_LOCAL void FreeSession(WOLFSSL_SESSION*);
+WOLFSSL_LOCAL WOLFSSL_SESSION* wolfSSL_NewSession(void* heap);
+WOLFSSL_LOCAL WOLFSSL_SESSION* wolfSSL_GetSession(WOLFSSL*, byte*, byte);
+WOLFSSL_LOCAL WOLFSSL_SESSION* wolfSSL_GetSessionRef(WOLFSSL*);
+WOLFSSL_LOCAL int wolfSSL_SetSession(WOLFSSL*, WOLFSSL_SESSION*);
+WOLFSSL_LOCAL void wolfSSL_FreeSession(WOLFSSL_SESSION*);

 typedef int (*hmacfp) (WOLFSSL*, byte*, const byte*, word32, int, int, int, int);

 #ifndef NO_CLIENT_CACHE
 WOLFSSL_LOCAL
- WOLFSSL_SESSION* GetSessionClient(WOLFSSL*, const byte*, int);
+ WOLFSSL_SESSION* wolfSSL_GetSessionClient(WOLFSSL*, const byte*, int);
 #endif

 /* client connect state for nonblocking restart */
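Review bot: The renamed declarations in the wolfssl/internal.h hunk keep `WOLFSSL_LOCAL` linkage but take the `wolfSSL_` prefix that the exported API uses, so `wolfSSL_SetSession`/`wolfSSL_FreeSession` now differ from the public `wolfSSL_set_session`/`wolfSSL_SESSION_free` (visible in the src/ssl.c hunks) only by letter case. That makes it easy to reach for the wrong one, and in any build where WOLFSSL_LOCAL does not actually hide symbols the internal names would presumably sit next to the public ones in the symbol table. A comment above the block would at least make the split explicit, e.g. `/* Internal session-cache helpers (WOLFSSL_LOCAL, not API); the public entry points are wolfSSL_get_session, wolfSSL_set_session and wolfSSL_SESSION_free */`. The same naming applies to the definitions in src/ssl.c and the call sites in src/internal.c and src/sniffer.c, which only follow these declarations.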