[openssl-users] Storing session in file and reusing at client side

Dr. Stephen Henson steve at openssl.org
Mon May 2 20:06:48 UTC 2016


On Mon, May 02, 2016, Shubham Chauhan wrote:

> Hello,
> 
> I wanted to store the freshly negotiated ssl/tls session in a file and
> reuse it (via SSL_set_session()), in the next handshake. I was not able to
> do that since the handshake got terminated giving a fatal error - illegal
> parameters (47).
> 
> Although this works perfectly fine when I store the session in a global
> variable at the client side and use it the next time. But I need to use the
> same session across multiple clients (I hope session does not store the IP
> and DNS entries).
> 
> I had the following questions-
> 1). Why is the session, when stored in an external file, resulting into the
> "illegal parameter" error?
> 2). Is there some other way to handle the same session among different
> client *.c files? Something better than writing down the session in a file
> (well, even this does not seems to work for me!)
> 

Is it the server sending the error? Is the server running OpenSSL? Does it
happen with the same client running the same software with the same IP address
or does it only happen with different IP addresses?

I'm wondering if the server rejects the attempt to resume from different IP
addresses.

Also see if you can reproduce the behaviour with s_client using -sess_out and
-sess_in options.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org


More information about the openssl-users mailing list