[openssl-users] Why was early data rejected?
Matt Caswell
matt at openssl.org
Wed Sep 12 08:16:10 UTC 2018
On 12/09/18 08:07, John Jiang wrote:
> I just build OpenSSL 1.1.1 on MacOSX.
> Tried 0-RTT, and the commands like the followings,
> openssl s_server -cert server.cer -key server.key -tls1_3 -early_data
> -accept 9443
> ...
> openssl s_client -CAfile ca.cer -tls1_3 -sess_in openssl.sess
> -early_data data -connect localhost:9443
>
> s_client reported
> New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
The "New" here means that the resumption attempt failed. Successful
resumption is a pre-requisite for early data. How did you create
"openssl.sess"?
Matt
> ...
> Early data was rejected
> Verify return code: 0 (ok)
>
> What's wrong with my testing?
>
>
More information about the openssl-users
mailing list